CVE-2021-4150
Updated: 2022-06-26 11:38:50.055288
Description:
A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk.
| Links | NIST | CIRCL | RHEL | Ubuntu |
Severity
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 4.9 |
| CVSS Version 3.x | MEDIUM | 5.5 |
Status
| OS name | Project name | Version | Status | Errata | Last updated |
|---|---|---|---|---|---|
| CentOS 6 ELS | kernel | 2.6.32 | Ignored | 2022-06-26 11:38:50.211473 | |
| CentOS 8.4 ELS | kernel | 4.18.0-305.25.1 | Ignored | 2022-06-26 11:38:49.993336 | |
| CentOS 8.5 ELS | kernel | 4.18.0-348.7.1 | Ignored | 2022-06-26 11:38:50.096918 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | Ignored | 2022-06-26 11:38:50.171922 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | Ignored | 2022-06-26 11:38:50.133715 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | Ignored | 2022-06-26 11:38:50.566338 |
Statement
Will not fix: low score