CVE-2021-40490

Summary

CVE	CVE-2021-40490
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-09-03 01:15:00 UTC
Updated	2023-11-07 03:38:00 UTC
Description	A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

Risk And Classification

Problem Types: CWE-362

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	10.0	All	All	All
Operating System	Debian	Debian Linux	11.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Fedoraproject	Fedora	33	All	All	All
Operating System	Fedoraproject	Fedora	34	All	All	All
Operating System	Linux	Linux Kernel	All	All	All	All
Hardware	Netapp	Aff A250	-	All	All	All
Operating System	Netapp	Aff A250 Firmware	-	All	All	All
Hardware	Netapp	Fas 500f	-	All	All	All
Operating System	Netapp	Fas 500f Firmware	-	All	All	All
Hardware	Netapp	H300e	-	All	All	All
Operating System	Netapp	H300e Firmware	-	All	All	All
Hardware	Netapp	H300s	-	All	All	All
Operating System	Netapp	H300s Firmware	-	All	All	All
Hardware	Netapp	H410c	-	All	All	All
Operating System	Netapp	H410c Firmware	-	All	All	All
Hardware	Netapp	H410s	-	All	All	All
Operating System	Netapp	H410s Firmware	-	All	All	All
Hardware	Netapp	H500e	-	All	All	All
Operating System	Netapp	H500e Firmware	-	All	All	All
Hardware	Netapp	H500s	-	All	All	All
Operating System	Netapp	H500s Firmware	-	All	All	All
Hardware	Netapp	H610c	-	All	All	All
Operating System	Netapp	H610c Firmware	-	All	All	All
Hardware	Netapp	H610s	-	All	All	All
Operating System	Netapp	H610s Firmware	-	All	All	All
Hardware	Netapp	H615c	-	All	All	All
Operating System	Netapp	H615c Firmware	-	All	All	All
Hardware	Netapp	H700e	-	All	All	All
Operating System	Netapp	H700e Firmware	-	All	All	All
Hardware	Netapp	H700s	-	All	All	All
Operating System	Netapp	H700s Firmware	-	All	All	All

References

Reference	Source	Link	Tags
[SECURITY] Fedora 33 Update: kernel-5.13.15-100.fc33 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 34 Update: kernel-5.13.15-200.fc34 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
kernel/git/tytso/ext4.git - Ext4 filesystem tree	MISC	git.kernel.org
CVE-2021-40490 Linux Kernel Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
[SECURITY] [DLA 2785-1] linux-4.19 security update	MLIST	lists.debian.org
[SECURITY] Fedora 33 Update: kernel-5.13.15-100.fc33 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
Debian -- Security Information -- DSA-4978-1 linux	DEBIAN	www.debian.org
[SECURITY] [DLA 2843-1] linux security update	MLIST	lists.debian.org
[SECURITY] Fedora 34 Update: kernel-5.13.15-200.fc34 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

159402 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9458)
159403 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9459)
159404 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9460)
159421 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9474)
159422 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9475)
159424 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9485)
159427 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9488)
178809 Debian Security Update for linux (DSA 4978-1)
178844 Debian Security Update for linux-4.19 (DLA 2785-1)
178943 Debian Security Update for linux (DLA 2843-1)
180381 Debian Security Update for linux (CVE-2021-40490)
198524 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5096-1)
198540 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5113-1)
198541 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5114-1)
198542 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5115-1)
198544 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5116-1)
198546 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5116-2)
198548 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5120-1)
281901 Fedora Security Update for kernel (FEDORA-2021-60f1d2eba1)
281902 Fedora Security Update for kernel (FEDORA-2021-4ca1b080bb)
352811 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-064
352812 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-063
352813 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-062
352814 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-061
352815 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-060
352839 Amazon Linux Security Advisory for kernel: ALAS2-2021-1704
352855 Amazon Linux Security Advisory for kernel: ALAS2-2021-1712
352871 Amazon Linux Security Advisory for kernel : ALAS-2021-1539
353144 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2022-007
353155 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-005
353242 Amazon Linux Security Advisory for kernel : ALAC2012-2022-036
353243 Amazon Linux Security Advisory for kmod-mlx5 : ALAC2012-2022-037
353244 Amazon Linux Security Advisory for kmod-sfc : ALAC2012-2022-038
377652 F5 BIG-IP Linux kernel vulnerability cve-2021-40490 (K04712583)
390248 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0035)
610389 Google Pixel Android January 2022 Security Patch Missing
6140191 AWS Bottlerocket Security Update for kernel (GHSA-ff7c-gq5h-m6rj)
671159 EulerOS Security Update for kernel (EulerOS-SA-2021-2805)
671165 EulerOS Security Update for kernel (EulerOS-SA-2021-2912)
671180 EulerOS Security Update for kernel (EulerOS-SA-2021-2919)
671181 EulerOS Security Update for kernel (EulerOS-SA-2021-2934)
671252 EulerOS Security Update for kernel (EulerOS-SA-2022-1171)
751214 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3389-1)
751215 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3386-1)
751217 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3387-1)
751223 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3338-1)
751234 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1357-1)
751235 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3447-1)
751245 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1365-1)
751437 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3876-1)
751441 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3876-1)
751451 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3935-1)
751473 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3969-1)
751476 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3972-1)
900326 CBL-Mariner Linux Security Update for kernel 5.10.60.1
901549 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (6595-1)
903214 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (5448)
905862 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (5448-1)