1997958 – (CVE-2021-3739) CVE-2021-3739 kernel: null-ptr-dereference bug in btrfs_rm_device in fs/btrfs/volumes.c

Bug 1997958 (CVE-2021-3739) - CVE-2021-3739 kernel: null-ptr-dereference bug in btrfs_rm_device in fs/btrfs/volumes.c

Summary: CVE-2021-3739 kernel: null-ptr-dereference bug in btrfs_rm_device in fs/btrfs...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2021-3739
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1997960
Blocks:	Embargoed1997939 Red Hat2002254
TreeView+	depends on / blocked

Reported:	2021-08-26 07:26 UTC by Dhananjay Arunesh
Modified:	2021-09-08 15:11 UTC (History)
CC List:	42 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed:	2021-08-30 11:57:30 UTC

Attachments	(Terms of Use)

Description Dhananjay Arunesh 2021-08-26 07:26:25 UTC

A NULL pointer dereference flaw was found in btrfs_rm_device function in fs/btrfs/volumes.c in Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This could allow a local attacker to crash the system or leak kernel internal information.

References:
https://lore.kernel.org/linux-btrfs/CAFcO6XO5TC5sEo-C9JGC75JkNAzkOSSLA3a=bwQqXFFbRTZ7Gw@mail.gmail.com/T/#md4b850f33616b7364f86e6fed144abc925f3669c
https://lore.kernel.org/linux-btrfs/20210806102415.304717-1-wqu@suse.com/T/#u

Comment 1 Dhananjay Arunesh 2021-08-26 07:29:44 UTC

Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1997960]

Comment 6 Product Security DevOps Team 2021-08-30 11:57:30 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3739

Comment 7 Justin M. Forbes 2021-09-08 15:11:32 UTC

This was fixed for Fedora with the 5.13.14 stable kernel updates.

Note You need to log in before you can comment on or make changes to this bug.

acaringi
adscvr
airlied
alciregi
bhu
brdeoliv
bskeggs
chwhite
dhoward
dvlasenk
fhrbata
fpacheco
hdegoede
hkrzesin
jarod
jarodwilson
jeremy
jforbes
jglisse
jlelli
jonathan
josef
jshortt
jstancek
jwboyer
kcarcia
kernel-maint
kernel-mgr
lgoncalv
linville
masami256
mchehab
nmurray
ptalbert
qzhao
rkeshri
rvrbovsk
security-response-team
steved
swood
walters
williams