ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

CVE-2021-4090

Updated: 2025-12-01 01:57:56.050108

Description:

An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat.

Links	NIST	CIRCL	RHEL	Ubuntu

Severity

	Severity	Score
CVSS Version 2.x	MEDIUM	6.6
CVSS Version 3.x	HIGH	7.1

Status

OS name	Project name	Version	Score	Severity	Status	Last updated
AlmaLinux 9.2 ESU	kernel	5.14.0	7.1	HIGH	Already Fixed	2024-01-20 08:38:00
CentOS 6 ELS	kernel	2.6.32	7.1	HIGH	Not Vulnerable	2022-03-30 15:43:18
CentOS 7 ELS	kernel	3.10.0	7.1	HIGH	Not Vulnerable	2023-11-03 09:33:15
CentOS 8.4 ELS	kernel	4.18.0	7.1	HIGH	Not Vulnerable	2022-03-18 18:52:47
CentOS 8.5 ELS	kernel	4.18.0	7.1	HIGH	Not Vulnerable	2022-03-18 18:52:47
CloudLinux 6 ELS	kernel	2.6.32	7.1	HIGH	Not Vulnerable	2022-03-30 15:43:18
Oracle Linux 6 ELS	kernel	2.6.32	7.1	HIGH	Not Vulnerable	2022-03-30 15:43:18
Ubuntu 16.04 ELS	linux-hwe	4.15.0	7.1	HIGH	Not Vulnerable	2022-10-05 03:15:02
Ubuntu 16.04 ELS	linux	4.4.0	7.1	HIGH	Not Vulnerable	2022-04-11 16:02:55
Ubuntu 18.04 ELS	linux	4.15.0	7.1	HIGH	Not Vulnerable	2023-08-28 21:18:55