vulnerability

Amazon Linux AMI: CVE-2021-28964: Security patch for kernel (ALAS-2021-1503)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:M/Au:N/C:N/I:N/A:P)	Mar 22, 2021	May 26, 2021	Oct 14, 2022

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:N/A:P)

Published

Mar 22, 2021

Added

May 26, 2021

Modified

Oct 14, 2022

Description

A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.

Solution

amazon-linux-upgrade-kernel

References

AMAZON-ALAS-2021-1503
NVD-CVE-2021-28964
UBUNTU-USN-4948-1
UBUNTU-USN-4979-1
UBUNTU-USN-4982-1
UBUNTU-USN-4984-1
UBUNTU-USN-5361-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today