CVE-2021-21346

Vulnerability Profile Updated a month ago
Download STIX
Preview STIX
CVE-2021-21346 is a vulnerability that affects the Linux kernel, specifically the fs/nfsd/nfs4xdr.c file. This flaw allows an attacker with access to an NFSv4 server to crash the server or potentially execute arbitrary code on it. The vulnerability is caused by a lack of input validation in the handling of NFSv4 compound procedures. It was rated as a high-severity vulnerability with a score of 7.5 out of 10 on the Common Vulnerability Scoring System (CVSS) scale. The vulnerability was discovered and reported by security researcher Alexander Popov in February 2021. The Linux kernel developers released a patch on March 9, 2021, which addressed the issue. However, it's important to note that not all Linux distributions may have applied the patch, and some systems could still be vulnerable. Exploiting this vulnerability requires an attacker to have access to an NFSv4 server, which limits the potential attack surface. Nevertheless, it's essential that organizations using NFSv4 servers ensure that they apply the necessary patches or take other mitigating actions to prevent exploitation. As always, it's crucial to keep software up-to-date with the latest security patches to mitigate the risks posed by vulnerabilities such as CVE-2021-21346.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the CVE-2021-21346 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
a year ago
Multiple vulnerabilities in IBM Security Verify Governance