CVE-2021-28950
First published: Thu Mar 04 2021(Updated: )
A denial of service in the kernel side of the FUSE functionality can allow a local system to create a denial of service.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-348.rt7.130.el8 | 0:4.18.0-348.rt7.130.el8 |
| redhat/kernel | <0:4.18.0-348.el8 | 0:4.18.0-348.el8 |
| redhat/kernel-rt | <0:4.18.0-305.28.1.rt7.100.el8_4 | 0:4.18.0-305.28.1.rt7.100.el8_4 |
| redhat/kernel | <0:4.18.0-305.28.1.el8_4 | 0:4.18.0-305.28.1.el8_4 |
| Linux Linux kernel | <5.11.8 | |
| Fedoraproject Fedora | =33 | |
| Fedoraproject Fedora | =34 | |
| Debian Debian Linux | =9.0 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Remedy
As the FUSE module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions: # echo "install fuse /bin/true" >> /etc/modprobe.d/disable-fuse.conf The system will need to be restarted if the FUSE modules are loaded. In most circumstances, the CIFS kernel modules will be unable to be unloaded while the FUSE filesystems are in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-28950 https://nvd.nist.gov/vuln/detail/CVE-2021-28950
- https://bugzilla.redhat.com/show_bug.cgi?id=1941762
- https://access.redhat.com/errata/RHSA-2021:4140
- https://access.redhat.com/errata/RHSA-2021:4356
- https://access.redhat.com/errata/RHSA-2021:4648
- https://access.redhat.com/errata/RHSA-2021:4650
- https://access.redhat.com/security/cve/CVE-2021-28950
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
- https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/
- https://www.debian.org/security/2022/dsa-5096
- https://launchpad.net/bugs/cve/CVE-2021-28950
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1941763
- https://access.redhat.com/solutions/41278
- https://access.redhat.com/security/cve/cve-2021-28950
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/
- https://git.kernel.org/linus/775c5033a0d164622d9d10dd0f0a5531639ed3ed
- https://security-tracker.debian.org/tracker/CVE-2021-28950
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28950
- https://nvd.nist.gov/vuln/detail/CVE-2021-28950
- https://ubuntu.com/security/CVE-2021-28950
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-28950
- agent/author
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/tags
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- package-manager/redhat
- vendor/linux
- canonical/linux linux kernel
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/33
- version/fedoraproject fedora/34
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- package-manager/debian