The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Linux kernel: denial of service via get_old_root

Synthesis of the vulnerability 

An attacker can trigger a fatal error via get_old_root() of the Linux kernel, in order to trigger a denial of service.
Impacted software: Fedora, Linux, openSUSE Leap.
Severity of this computer vulnerability: 1/4.
Creation date: 23/03/2021.
Références of this announce: CVE-2021-28964, FEDORA-2021-68b0dd2373, FEDORA-2021-9503fffad9, openSUSE-SU-2021:0532-1, VIGILANCE-VUL-34912.

Description of the vulnerability 

An attacker can trigger a fatal error via get_old_root() of the Linux kernel, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This cybersecurity vulnerability impacts software or systems such as Fedora, Linux, openSUSE Leap.

Our Vigil@nce team determined that the severity of this vulnerability is low.

The trust level is of type confirmed by the editor, with an origin of user shell.

An attacker with a expert ability can exploit this weakness alert.

Solutions for this threat 

Linux kernel: version 5.11.9.
The version 5.11.9 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v5.x/

Linux kernel: version 5.10.26.
The version 5.10.26 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v5.x/

Linux kernel: version 5.4.108.
The version 5.4.108 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v5.x/

Linux kernel: version 4.19.183.
The version 4.19.183 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.14.227.
The version 4.14.227 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.9.263.
The version 4.9.263 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.4.263.
The version 4.4.263 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: patch for get_old_root.
A patch is indicated in information sources.

Fedora 32-33: new kernel packages.
New packages are available:
  Fedora 32: kernel 5.11.10-100.fc32
  Fedora 33: kernel 5.11.9-200.fc33

openSUSE Leap 15.2: new kernel packages.
New packages are available:
  openSUSE Leap 15.2: kernel 5.3.18-lp152.69.1
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides system vulnerability announces. The Vigil@nce vulnerability database contains several thousand vulnerabilities.