CVE-2021-40490

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

References

https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=9e445093e523f3277081314c864f708fd4bd34aa

https://lists.fedoraproject.org/archives/list/[email protected]/message/XJGX3DMJT6MRBW2XEF3TWVHYWZW3DG3N/

https://lists.fedoraproject.org/archives/list/[email protected]/message/M6VS2DLGT7TK7URKAS2KWJL3S533SGVA/

https://www.debian.org/security/2021/dsa-4978

https://security.netapp.com/advisory/ntap-20211004-0001/

https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html

Details

Source: MITRE

Published: 2021-09-03

Updated: 2021-12-17

Type: CWE-362

Risk Information

CVSS v2

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

CVSS v3

Base Score: 7

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 5.13.13 (inclusive)

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:netapp:aff_a250_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:aff_a250:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:netapp:fas_500f_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:fas_500f:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 10

AND

OR

cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 11

AND

OR

cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 12

AND

OR

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 13

AND

OR

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 14

AND

OR

cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 15

AND

OR

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 16

AND

OR

cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*

Tenable Plugins

View all (48 total)

IDNameProductFamilySeverity
156431EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2934)NessusHuawei Local Security Checks
high
156415EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2919)NessusHuawei Local Security Checks
high
156414EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2912)NessusHuawei Local Security Checks
high
156347EulerOS Virtualization 3.0.2.0 : kernel (EulerOS-SA-2021-2818)NessusHuawei Local Security Checks
high
156303EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2805)NessusHuawei Local Security Checks
high
156163Debian DLA-2843-1 : linux - LTS security updateNessusDebian Local Security Checks
high
155959SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3972-1)NessusSuSE Local Security Checks
high
155930SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3969-1)NessusSuSE Local Security Checks
high
155910SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3929-1)NessusSuSE Local Security Checks
high
155902SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3935-1)NessusSuSE Local Security Checks
high
155840SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3876-1)NessusSuSE Local Security Checks
high
155824openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3876-1)NessusSuSE Local Security Checks
high
155326Photon OS 4.0: Linux PHSA-2021-4.0-0126NessusPhotonOS Local Security Checks
high
154352Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5116-2)NessusUbuntu Local Security Checks
high
154338Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)NessusUbuntu Local Security Checks
high
154279Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5115-1)NessusUbuntu Local Security Checks
high
154278Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5116-1)NessusUbuntu Local Security Checks
high
154273Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5114-1)NessusUbuntu Local Security Checks
high
154241Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5113-1)NessusUbuntu Local Security Checks
high
154206openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1365-1)NessusSuSE Local Security Checks
high
154192openSUSE 15 Security Update : kernel (openSUSE-SU-2021:1357-1)NessusSuSE Local Security Checks
high
154190SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3447-1)NessusSuSE Local Security Checks
high
154187openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3447-1)NessusSuSE Local Security Checks
high
154165Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9485)NessusOracle Linux Local Security Checks
high
154163Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9488)NessusOracle Linux Local Security Checks
high
154133SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3415-1)NessusSuSE Local Security Checks
high
154104openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3387-1)NessusSuSE Local Security Checks
high
154099SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3337-1)NessusSuSE Local Security Checks
high
154098SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3339-1)NessusSuSE Local Security Checks
high
154094SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3387-1)NessusSuSE Local Security Checks
high
154091openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3338-1)NessusSuSE Local Security Checks
high
154088SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3388-1)NessusSuSE Local Security Checks
high
154087SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3338-1)NessusSuSE Local Security Checks
high
154063SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3389-1)NessusSuSE Local Security Checks
high
154054SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:3386-1)NessusSuSE Local Security Checks
high
154016OracleVM 3.4 : kernel-uek (OVMSA-2021-0035)NessusOracleVM Local Security Checks
high
153992Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9475)NessusOracle Linux Local Security Checks
high
153991Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9474)NessusOracle Linux Local Security Checks
high
153963Photon OS 2.0: Linux PHSA-2021-2.0-0399NessusPhotonOS Local Security Checks
high
153896Amazon Linux 2 : kernel (ALAS-2021-1712)NessusAmazon Linux Local Security Checks
high
153860Amazon Linux AMI : kernel (ALAS-2021-1539)NessusAmazon Linux Local Security Checks
high
153789Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5096-1)NessusUbuntu Local Security Checks
high
153668Debian DSA-4978-1 : linux - security updateNessusDebian Local Security Checks
high
153582OracleVM 3.4 : kernel-uek (OVMSA-2021-0031)NessusOracleVM Local Security Checks
critical
153567Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9458)NessusOracle Linux Local Security Checks
high
153559Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9460)NessusOracle Linux Local Security Checks
high
153557Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9459)NessusOracle Linux Local Security Checks
critical
153418Amazon Linux 2 : kernel (ALAS-2021-1704)NessusAmazon Linux Local Security Checks
high