search

endpointlabs / VulnerableDotNetCore3Project

.Net Core 3.0
0 stars 0 forks source link

CVE-2021-4150 KONDUKTO #96

Closed ckalpakoglu closed 1 year ago

ckalpakoglu commented 1 year ago

Due Date: 0001-01-01

A medium severity vulnerability has been discovered in your project.

Project Name: infra_duplicate_test

Scanner Name: laceworkinfra

CVE: CVE-2021-4150

Exploitable: false


Proof: AccountID: 612851061211
VpcID: vpc-df9a23b5
Arch: amd64
PackageName: linux-aws
PackageNamespace: ubuntu:20.04
PackageActive: 0
PackageVersion: 5.15.0.1022.26~20.04.14
FixedVersion:

Tool Description: A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk.

Custom Description: test

Kondukto Link: https://82.kondukto.local/projects/636249c73ffe9321df1a2823/vulns/infra?page=1&perPage=15&id=in:63624a2f83e330d938697c28 Deeplink: http://people.ubuntu.com/~ubuntu-security/cve/CVE-2021-4150

ckalpakoglu commented 1 year ago

The issue has been closed by Kondukto since it is marked as won't fix.