Vulnerabilities > CVE-2021-3739 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 7.1 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH

Summary

A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.

Vulnerable Configurations

Part Description Count
OS
Linux
4798
OS
Fedoraproject
1
OS
Netapp
8
Hardware
Netapp
8

Common Weakness Enumeration (CWE)