An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2021/05/08/1 | Mailing List Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1944298 | Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210611-0007/ | Third Party Advisory |
https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg2520013.html | |
https://www.openwall.com/lists/oss-security/2021/03/28/2 | Mailing List Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
07 Nov 2023, 03:38
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
21 Jan 2022, 14:43
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210611-0007/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html - Mailing List, Third Party Advisory | |
First Time |
Netapp h300e
Debian debian Linux Netapp h410s Netapp h410c Netapp h410s Firmware Netapp h700s Netapp Netapp h410c Firmware Netapp h500e Firmware Netapp h700e Firmware Netapp h300e Firmware Netapp solidfire Baseboard Management Controller Firmware Netapp h500s Firmware Netapp cloud Backup Netapp h300s Firmware Netapp h700s Firmware Netapp h500e Debian Netapp h700e Netapp h500s Netapp h300s |
23 Jun 2021, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
11 Jun 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Jun 2021, 13:33
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/05/08/1 - Mailing List, Patch, Third Party Advisory |
08 May 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Apr 2021, 12:55
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1944298 - Issue Tracking, Third Party Advisory | |
References | (MISC) https://www.openwall.com/lists/oss-security/2021/03/28/2 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2520013.html - Mailing List, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.6
v3 : 7.1 |
CPE | cpe:2.3:o:linux:linux_kernel:5.12:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.12:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.12:rc2:*:*:*:*:*:* |
19 Apr 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-19 22:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-3506
Mitre link : CVE-2021-3506
CVE.ORG link : CVE-2021-3506
JSON object : View
Products Affected
netapp
- h500e_firmware
- h300s_firmware
- h300e_firmware
- h700e_firmware
- h700s_firmware
- h700s
- h700e
- h500e
- h410c
- h410s
- h500s
- solidfire_baseboard_management_controller_firmware
- cloud_backup
- h410s_firmware
- h300e
- h410c_firmware
- h300s
- h500s_firmware
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-125
Out-of-bounds Read