CVE-2021-4157

8.0 HIGH

📋 TL;DR

This vulnerability is an out-of-bounds memory write flaw in the Linux kernel's NFS subsystem, specifically affecting mirroring/replication functionality. It allows authenticated users with NFS mount access to potentially crash the system or escalate privileges. Systems using NFS with mirroring enabled are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before 5.14-rc1
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when NFS mirroring/replication is configured and used. Standard NFS mounts without mirroring are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise via privilege escalation leading to root access, or system crash causing denial of service.

🟠

Likely Case

System crash/denial of service due to kernel panic from memory corruption.

🟢

If Mitigated

No impact if NFS mirroring is disabled or proper access controls prevent unauthorized NFS mount access.

🌐 Internet-Facing: MEDIUM - Requires NFS service exposure and authenticated access, but NFS over internet is uncommon.
🏢 Internal Only: HIGH - Internal attackers with NFS mount access could exploit this to gain root privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires authenticated access to NFS mount and knowledge of NFS mirroring functionality. Memory corruption is limited to 1-2 bytes.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel 5.14-rc1 and later

Vendor Advisory: https://bugzilla.redhat.com/show_bug.cgi?id=2034342

Restart Required: Yes

Instructions:

1. Update Linux kernel to version 5.14-rc1 or later.
2. For distributions: Use package manager (yum update kernel / apt-get upgrade linux-image).
3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable NFS mirroring

linux

Disable NFS mirroring/replication functionality if not required

Check NFS configuration files for mirroring options and remove/disable them

Restrict NFS access

linux

Limit NFS mount access to trusted users only

Configure /etc/exports with restrictive options (e.g., ro and sync, granting no_root_squash only where needed)

🧯 If You Can't Patch

  • Disable NFS mirroring functionality completely
  • Implement strict network segmentation to isolate NFS servers from untrusted networks

🔍 How to Verify

Check if Vulnerable:

Check kernel version: uname -r. If version is earlier than 5.14-rc1 and NFS mirroring is enabled, system is vulnerable.

Check Version:

uname -r

Verify Fix Applied:

After patching, verify kernel version is 5.14-rc1 or later with uname -r and test NFS mirroring functionality.
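
The version check above as a triage helper. This is an added example, not part of the original advisory; the function names, result strings and sample mount table are constructed. It compares only the upstream version number, and distribution kernels often carry backported fixes, so an "older" result is a prompt to check the vendor advisory. Whether mirroring is actually in use still has to be confirmed by hand.

```shell
#!/bin/sh
# Returns 0 if a `uname -r` style release predates 5.14, 1 if it is
# 5.14-rc1 or later, 2 if the string cannot be parsed.
kernel_predates_fix() {
    base=${1%%-*}                    # "5.13.0-52-generic" -> "5.13.0"
    case $base in *.*) ;; *) return 2 ;; esac
    major=${base%%.*}
    rest=${base#*.}
    minor=${rest%%.*}
    case $major in ''|*[!0-9]*) return 2 ;; esac
    case $minor in ''|*[!0-9]*) return 2 ;; esac
    if [ "$major" -lt 5 ]; then return 0; fi
    if [ "$major" -eq 5 ] && [ "$minor" -lt 14 ]; then return 0; fi
    return 1
}

# Reads a mount table in /proc/mounts format on stdin and prints the
# mount point of every NFS (nfs / nfs4) filesystem.
nfs_mounts() {
    awk '$3 == "nfs" || $3 == "nfs4" { print $2 }'
}

# triage <release>   (mount table on stdin)
triage() {
    rc=0
    kernel_predates_fix "$1" || rc=$?
    mounts=$(nfs_mounts)
    if [ "$rc" -eq 2 ]; then
        echo "unknown-version"
    elif [ "$rc" -eq 1 ]; then
        echo "fixed-upstream"
    elif [ -z "$mounts" ]; then
        echo "old-kernel-no-nfs-mounts"
    else
        echo "review-nfs-mounts"     # old kernel and NFS mounted: check mirroring use
    fi
}

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
fileserver.example:/export/home /home nfs4 rw,vers=4.1,proto=tcp 0 0'

printf '%s\n' "$SAMPLE_MOUNTS" | triage "5.13.0-52-generic"
```

On a live host, run it as: triage "$(uname -r)" < /proc/mounts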

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs, NFS error messages related to mirroring operations, memory corruption warnings in dmesg

Network Indicators:

  • Unusual NFS mirroring traffic patterns, repeated connection attempts to NFS mirroring ports

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "general protection fault") AND process="nfs"
