CVE-2021-26931

CVSS v3.1 5.5 (Medium)

CVSS v2.0 1.9 (Low)

EPSS 0.04 % (15^th)

Affected Products 3

Advisories 37

An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c.

Weaknesses

CWE-770: Allocation of Resources Without Limits or Throttling

Related CVEs

CVE-2021-28038

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2021-02-17 02:15:12
(3 years ago)
Updated Date: 2024-03-25 01:15:50
(5 months ago)

Affected Products

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 2.6.39 version and 5.10.16 and prior versions	cpe:2.3:o:linux:linux_kernel	>= 2.6.39	<= 5.10.16

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 32	cpe:2.3:o:fedoraproject:fedora:32
	Fedoraproject Fedora 33	cpe:2.3:o:fedoraproject:fedora:33

Configuration #3

		CPE23	From	Up To
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0

Weaknesses

Related CVEs

Affected Products

Debian

Fedoraproject

Linux

Configuration #1

Configuration #2

Configuration #3