Out-of-Bounds Read in strlen Vulnerability in Linux Kernel NFS Traffic Handling

Out-of-Bounds Read in strlen Vulnerability in Linux Kernel NFS Traffic Handling

CVE-2021-38202 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.