CVSS Score v3.1
7.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score
0.0014
33.4th percentile
Risk Priority
14
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2021-3506 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Linux Linux Kernel . Its CVSS base score is 7.1 (High).
Operationally, ranked at the 33.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
Vulnerability
Related Threats
Affected Assets
Mitigating Controls
Vulnerability details
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system…
more crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
linux
linux kernel
5.12 · ≤ 5.12
netapp
cloud backup
all versions
netapp
solidfire baseboard management controller firmware
all versions
netapp
h300s firmware
all versions
netapp
h500s firmware
all versions
netapp
h700s firmware
all versions
netapp
h300e firmware
all versions
netapp
h500e firmware
all versions
netapp
h700e firmware
all versions
+2 more product configuration(s) — see NVD for full list
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
References
Mailing List, Patch, Third Party Advisory · secalert@redhat.com
Issue Tracking, Third Party Advisory · secalert@redhat.com
Mailing List, Third Party Advisory · secalert@redhat.com
Third Party Advisory · secalert@redhat.com
secalert@redhat.com
Mailing List, Patch, Third Party Advisory · secalert@redhat.com
Mailing List, Patch, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108
Issue Tracking, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108
Mailing List, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108
af854a3a-2127-422b-91ae-364da2661108
Mailing List, Patch, Third Party Advisory · af854a3a-2127-422b-91ae-364da2661108