CVE-2021-28038
Published Mar 5, 2021
Last updated 8 months ago
Overview
- Description
- An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 4
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 6.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-770
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "873F5904-E137-45CC-A229-1ACB174021B9",
"versionEndExcluding": "4.4.260",
"versionStartIncluding": "2.6.39"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37A31D37-6E2B-487D-A7B1-AA678845E3BD",
"versionEndExcluding": "4.9.260",
"versionStartIncluding": "4.5.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2C21DCE-38E0-48E5-AB62-F12536A90A1B",
"versionEndExcluding": "4.14.224",
"versionStartIncluding": "4.10.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BA86006-B187-4C7D-9712-36D3D724AC33",
"versionEndExcluding": "4.19.179",
"versionStartIncluding": "4.15.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3CFDB2D-F538-4E59-B331-7EAD494C2924",
"versionEndExcluding": "5.4.103",
"versionStartIncluding": "4.20.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADF2B8FE-6B1B-40C6-B1DC-37812D5A0F1A",
"versionEndExcluding": "5.10.21",
"versionStartIncluding": "5.10.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "635861E2-E992-4768-A883-CBC76271AFD1",
"versionEndExcluding": "5.11.4",
"versionStartIncluding": "5.11.0"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07875739-0CCB-4F48-9330-3D4B6A4064FA"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.12:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA09B732-04F8-452C-94CF-97644E78684D"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"
},
{
"criteria": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D"
}
],
"operator": "OR"
}
]
}
]