First published: Mon Mar 22 2021(Updated: )
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | <=5.11.8 | |
Red Hat Fedora | =32 | |
Red Hat Fedora | =33 | |
Red Hat Fedora | =34 | |
Debian Linux | =9.0 | |
NetApp Cloud Backup | ||
NetApp SolidFire Baseboard Management Controller Firmware | ||
All of | ||
NetApp A250 Firmware | ||
NetApp A250 Firmware | ||
All of | ||
NetApp FAS500F Firmware | ||
NetApp FAS500F Firmware | ||
NetApp A250 Firmware | ||
NetApp A250 Firmware | ||
NetApp FAS500F Firmware | ||
NetApp FAS500F Firmware | ||
debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-28964 is classified as high due to its potential to cause denial of service.
To fix CVE-2021-28964, update to a patched version of the Linux kernel, such as 5.10.223-1 or later.
CVE-2021-28964 affects the Linux kernel versions up to and including 5.11.8.
CVE-2021-28964 impacts systems running unpatched versions of the Linux kernel, as well as specific Fedora and Debian distributions.
There is no specific known workaround for CVE-2021-28964 besides applying the appropriate kernel updates.