5.5

CVE-2021-28950

An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.11.8
FedoraprojectFedora Version33
FedoraprojectFedora Version34
DebianDebian Linux Version9.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.277
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-834 Excessive Iteration

The product performs an iteration or loop without sufficiently limiting the number of times that the loop is executed.

https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
Third Party Advisory
Mailing List
https://www.debian.org/security/2022/dsa-5096
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8
Patch
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/