Severity

Medium

Analysis Summary

CVE-2021-3428

Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the ext4_es_cache_extent function in fs/ext4/extents.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system crash.

Impact

• Denial of service
• System crash

Affected Vendors

Linux

Affected Products

Linux Kernel

Remediation

Linux is currently working on the remediation of the stated vulnerability.