{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-43395","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-04-14T16:10:08.182Z","dateReserved":"2021-11-04T00:00:00.000Z","datePublished":"2022-12-26T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2022-12-26T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c"},{"url":"https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c"},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"url":"http://www.tribblix.org/relnotes.html"},{"url":"https://jgardner100.wordpress.com/2022/01/20/security-heads-up/"},{"url":"https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424"},{"url":"https://www.illumos.org/issues/14424"},{"url":"https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90"},{"url":"https://kebe.com/blog/?p=505"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T03:55:28.486Z"},"title":"CVE Program Container","references":[{"url":"https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c","tags":["x_transferred"]},{"url":"https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c","tags":["x_transferred"]},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","tags":["x_transferred"]},{"url":"http://www.tribblix.org/relnotes.html","tags":["x_transferred"]},{"url":"https://jgardner100.wordpress.com/2022/01/20/security-heads-up/","tags":["x_transferred"]},{"url":"https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424","tags":["x_transferred"]},{"url":"https://www.illumos.org/issues/14424","tags":["x_transferred"]},{"url":"https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90","tags":["x_transferred"]},{"url":"https://kebe.com/blog/?p=505","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-667","lang":"en","description":"CWE-667 Improper Locking"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-04-14T16:09:04.387669Z","id":"CVE-2021-43395","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-14T16:10:08.182Z"}}]}}