First published: Mon Dec 26 2022(Updated: )
An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Illumos Illumos | <2022-01-18 | |
Omniosce Omnios | =r151038 | |
Openindiana Openindiana | =hipster_2021.04 | |
Joyent SmartOS | =20210923 | |
Oracle Solaris | =10 | |
Oracle Solaris | =11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-43395.
The severity level of CVE-2021-43395 is medium with a score of 5.5.
CVE-2021-43395 affects illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923.
A local unprivileged user can cause a deadlock and kernel panic by crafting rename and rmdir calls on tmpfs filesystems.
Yes, you can find more information about CVE-2021-43395 at the following links: [http://www.tribblix.org/relnotes.html](http://www.tribblix.org/relnotes.html), [https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c](https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c), [https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c](https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c)