Bug 1992745 (CVE-2021-38203)
Summary: | CVE-2021-38203 kernel: btrfs: deadlock via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, bdettelb, bhu, blc, brdeoliv, bskeggs, chwhite, crwood, dhoward, dvlasenk, fhrbata, fpacheco, hdegoede, hkrzesin, jarod, jarodwilson, jeremy, jforbes, jglisse, jlelli, jonathan, josef, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, mchehab, mlangsdo, nmurray, ptalbert, qzhao, rvrbovsk, steved, tomckay, walters, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | kernel 5.14 rc2 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in the btrfs filesystem in the Linux kernel that allows attackers to cause a denial of service via processes that trigger allocation of new system chunks when there is a shortage of free space in the system space_info. The highest threat from this vulnerability is to system availability.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-08-26 21:34:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1992746 | ||
Bug Blocks: | 1992747 |
Description
Guilherme de Almeida Suckevicz
2021-08-11 17:13:44 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1992746] This was fixed for Fedora with the 5.13.4 stable kernel updates. Setting hosted services 'notaffected' per kernel analysis. This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-38203 |