The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Linux kernel: denial of service via fs/io_uring.c

Synthesis of the vulnerability 

An attacker can trigger a fatal error via fs/io_uring.c of the Linux kernel, in order to trigger a denial of service.
Impacted products: Fedora, Linux.
Severity of this bulletin: 1/4.
Creation date: 22/03/2021.
Références of this threat: CVE-2021-28951, FEDORA-2021-68b0dd2373, FEDORA-2021-9503fffad9, VIGILANCE-VUL-34905.

Description of the vulnerability 

An attacker can trigger a fatal error via fs/io_uring.c of the Linux kernel, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This cybersecurity alert impacts software or systems such as Fedora, Linux.

Our Vigil@nce team determined that the severity of this weakness is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this security weakness.

Solutions for this threat 

Linux kernel: version 5.11.9.
The version 5.11.9 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v5.x/

Linux kernel: version 5.10.26.
The version 5.10.26 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v5.x/

Linux kernel: patch for fs/io_uring.c.
A patch is indicated in information sources.

Fedora 32-33: new kernel packages.
New packages are available:
  Fedora 32: kernel 5.11.10-100.fc32
  Fedora 33: kernel 5.11.9-200.fc33
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides applications vulnerabilities analysis. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.