CVE 2021-3178
** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior.
Related bugs and status
CVE-2021-3178 (Candidate) is related to these bugs:
Bug #1909647: xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub-cases
Bug #1919147: ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1919147 | ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 | ubuntu-kernel-tests | Undecided | Fix Released | ||
1919147 | ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 | linux-oem-5.6 (Ubuntu) | Undecided | Invalid | ||
1919147 | ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 | linux-oem-5.6 (Ubuntu Focal) | Undecided | Fix Released |
Bug #1919277: l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1919277 | l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 | linux-oem-5.6 (Ubuntu) | Undecided | Invalid | ||
1919277 | l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 | ubuntu-kernel-tests | Undecided | Fix Released | ||
1919277 | l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 | linux-oem-5.6 (Ubuntu Focal) | Undecided | Fix Released |
Bug #1921042: focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow kernel-signoff | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-lrm | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | linux-oem-5.6 (Ubuntu Focal) | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-lrs | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow prepare-package-lrg | Medium | Fix Released | ||
1921042 | focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.