CVE-2021-3178 - log

CVE-2021-3178 edited at 27 Jan 2021 14:13:20
References
https://patchwork.kernel.org/project/linux-nfs/patch/20210111210129.GA11652@fieldses.org/
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/nfsd/nfs3xdr.c?h=v5.10.10&id=fdcaa4af5e70e2d984c9620a09e9dade067f2620
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.10&id=fdcaa4af5e70e2d984c9620a09e9dade067f2620
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/nfsd/nfs3xdr.c?h=v5.4.92&id=4aef760c28e8bd1860a27fd78067b4ea77124987
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.4.92&id=4aef760c28e8bd1860a27fd78067b4ea77124987
CVE-2021-3178 edited at 27 Jan 2021 14:09:09
Description
- fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior.
+ fs/nfsd/nfs3xdr.c in the Linux kernel before version 5.10.10 and 5.4.92, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior.
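Review bot: the added description's "before version 5.10.10 and 5.4.92" is ambiguous about which release series each bound applies to. The two commit links added in this same edit are tagged h=v5.10.10 and h=v5.4.92, so stating the bounds per stable series (5.10.x before 5.10.10, 5.4.x before 5.4.92) would read unambiguously. The new wording also no longer says whether other series are affected, which the removed "through 5.10.8" covered.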
References
https://patchwork.kernel.org/project/linux-nfs/patch/20210111210129.GA11652@fieldses.org/
- https://git.linux-nfs.org/?p=cel/cel-2.6.git;a=commitdiff;h=51b2ee7d006a736a9126e8111d1f24e4fd0afaa6
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/nfsd/nfs3xdr.c?h=v5.10.10&id=fdcaa4af5e70e2d984c9620a09e9dade067f2620
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/fs/nfsd/nfs3xdr.c?h=v5.4.92&id=4aef760c28e8bd1860a27fd78067b4ea77124987
CVE-2021-3178 edited at 24 Jan 2021 15:21:00
References
https://patchwork.kernel.org/project/linux-nfs/patch/20210111210129.GA11652@fieldses.org/
+ https://git.linux-nfs.org/?p=cel/cel-2.6.git;a=commitdiff;h=51b2ee7d006a736a9126e8111d1f24e4fd0afaa6
Notes
+ Workaround
+ ==========
+
+ This issue can be mitigated by enabling the subtree_check option of the NFS server.
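Review bot: the workaround line says "the subtree_check option of the NFS server" without saying where the option is set. The description on this page already points to exports(5) for the no_subtree_check default, so the note would be more actionable if it named subtree_check as an export option documented in exports(5) and said that it has to be set on the affected subdirectory exports.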
CVE-2021-3178 edited at 19 Jan 2021 09:11:12
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Directory traversal
Description
+ fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior.
References
+ https://patchwork.kernel.org/project/linux-nfs/patch/20210111210129.GA11652@fieldses.org/
Notes
CVE-2021-3178 created at 19 Jan 2021 09:10:39