CVE-2021-3178
CVSS v3.1
6.5 (Medium)
CVSS v2.0
5.5 (Medium)
EPSS
0.20 % (57th)
Affected Products
3
Advisories
9
NVD Status
Modified
fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior
Weaknesses
- CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE Status
- PUBLISHED
- NVD Status
- Modified
- CNA
- MITRE
- Published Date
-
2021-01-19 07:15:13
(3 years ago) - Updated Date
-
2024-08-03 17:15:38
(6 weeks ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...