CVE-2021-46923

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-668
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always cleanup mount_kattr Make sure that finish_mount_kattr() is called after mount_kattr was succesfully built in both the success and failure case to prevent leaking any references we took when we built it. We returned early if path lookup failed thereby risking to leak an additional reference we took when building mount_kattr when an idmapped mount was requested.

Related Vulnerabilities

CVE-2005-2351

MEDIUM
CVSS:5.5(Medium)

Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.

CWE-6682005

CVE-2008-2544

MEDIUM
CVSS:5.5(Medium)

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

CWE-6682008

CVE-2013-0163

MEDIUM
CVSS:5.5(Medium)

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS

CWE-6682013

CVE-2013-4280

MEDIUM
CVSS:5.5(Medium)

Insecure temporary file vulnerability in RedHat vsdm 4.9.6.

CWE-6682013

CVE-2017-17087

MEDIUM
CVSS:5.5(Medium)

fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local users...

CWE-6682017

CVE-2018-20947

MEDIUM
CVSS:5.5(Medium)

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).

CWE-6682018