CVE-2021-3428

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat.

Related Vulnerabilities

CVE-2011-4097

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termin...

CWE-1902011

CVE-2012-0038

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, l...

CWE-1902012

CVE-2015-1526

MEDIUM
CVSS:5.5(Medium)

The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.

CWE-1902015

CVE-2015-4645

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which tri...

CWE-1902015

CVE-2015-8933

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted...

CWE-1902015

CVE-2016-3712

MEDIUM
CVSS:5.5(Medium)

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

CWE-1902016