CVE-2021-46960 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947] ------------[ cut here ]------------ [440700.386948] err = 1 [440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70 ... [440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu ... [440700.397334] Call Trace: [440700.397346] __filemap_set_wb_err+0x1a/0x70 [440700.397419] cifs_writepages+0x9c7/0xb30 [cifs] [440700.397426] do_writepages+0x4b/0xe0 [440700.397444] __filemap_fdatawrite_range+0xcb/0x100 [440700.397455] filemap_write_and_wait+0x42/0xa0 [440700.397486] cifs_setattr+0x68b/0xf30 [cifs] [440700.397493] notify_change+0x358/0x4a0 [440700.397500] utimes_common+0xe9/0x1c0 [440700.397510] do_utimes+0xc5/0x150 [440700.397520] __x64_sys_utimensat+0x88/0xd0

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Linux	Linux Kernel
Redhat	Rhel Aus Rhel E4s Rhel Tus

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
kernel-0:4.18.0-372.139.1.el8_6	cpe:/o:redhat:rhel_aus:8.6	RHSA-2025:2265	2025-03-05T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
kernel-0:4.18.0-372.139.1.el8_6	cpe:/o:redhat:rhel_tus:8.6	RHSA-2025:2265	2025-03-05T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
kernel-0:4.18.0-372.139.1.el8_6	cpe:/o:redhat:rhel_e4s:8.6	RHSA-2025:2265	2025-03-05T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27
https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec
https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0
https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f
https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54
https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20
https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd
https://lore.kernel.org/linux-cve-announce/2024022718-CVE-2021-46960-f5ac@gregkh/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2021-46960
https://www.cve.org/CVERecord?id=CVE-2021-46960

History

Wed, 05 Mar 2025 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus
CPEs		cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_tus:8.6
Vendors & Products		Redhat Redhat rhel Aus Redhat rhel E4s Redhat rhel Tus

Wed, 11 Dec 2024 15:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		NVD-CWE-noinfo
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 2.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Mon, 04 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-02-27T18:46:59.919Z

Updated: 2025-05-04T07:01:13.365Z

Reserved: 2024-02-27T18:42:55.941Z

Link: CVE-2021-46960

Vulnrichment

Updated: 2024-08-04T05:17:42.896Z

NVD

Status : Analyzed

Published: 2024-02-27T19:04:06.860

Modified: 2024-12-11T14:47:28.957

Link: CVE-2021-46960

Redhat

Severity : Moderate

Publid Date: 2024-02-27T00:00:00Z

Links: CVE-2021-46960 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-46960", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-27T18:42:55.941Z", "datePublished": "2024-02-27T18:46:59.919Z", "dateUpdated": "2025-05-04T07:01:13.365Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:01:13.365Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Return correct error code from smb2_get_enc_key\n\nAvoid a warning if the error percolates back up:\n\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/cifs/smb2ops.c"], "versions": [{"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "e94851629c49c65b4fbb29a5725ddfd7988f8f20", "status": "affected", "versionType": "git"}, {"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "e486f8397f3f14a7cadc166138141fdb14379a54", "status": "affected", "versionType": "git"}, {"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "93f3339b22ba17e66f0808737467b70ba087eaec", "status": "affected", "versionType": "git"}, {"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "aaa0faa5c28a91c362352d6b35dc3ed10df56fb0", "status": "affected", "versionType": "git"}, {"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "f59a9242942fef0de7b926e438ba4eae65d4b4dd", "status": "affected", "versionType": "git"}, {"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "b399c1a3ea0b9d10047ff266d65533df7f15532f", "status": "affected", "versionType": "git"}, {"version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "83728cbf366e334301091d5b808add468ab46b27", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/cifs/smb2ops.c"], "versions": [{"version": "4.11", "status": "affected"}, {"version": "0", "lessThan": "4.11", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.233", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.191", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.118", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.36", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.11.20", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.3", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "4.14.233"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "4.19.191"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.4.118"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.10.36"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.11.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.12.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20"}, {"url": "https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54"}, {"url": "https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec"}, {"url": "https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0"}, {"url": "https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd"}, {"url": "https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f"}, {"url": "https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27"}], "title": "cifs: Return correct error code from smb2_get_enc_key", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:42.896Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46960", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:01:38.257820Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:48.204Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:42.896Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46960", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:01:38.257820Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:18.815Z"}}], "cna": {"title": "cifs: Return correct error code from smb2_get_enc_key", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "e94851629c49c65b4fbb29a5725ddfd7988f8f20", "versionType": "git"}, {"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "e486f8397f3f14a7cadc166138141fdb14379a54", "versionType": "git"}, {"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "93f3339b22ba17e66f0808737467b70ba087eaec", "versionType": "git"}, {"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "aaa0faa5c28a91c362352d6b35dc3ed10df56fb0", "versionType": "git"}, {"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "f59a9242942fef0de7b926e438ba4eae65d4b4dd", "versionType": "git"}, {"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "b399c1a3ea0b9d10047ff266d65533df7f15532f", "versionType": "git"}, {"status": "affected", "version": "61cfac6f267dabcf2740a7ec8a0295833b28b5f5", "lessThan": "83728cbf366e334301091d5b808add468ab46b27", "versionType": "git"}], "programFiles": ["fs/cifs/smb2ops.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.11"}, {"status": "unaffected", "version": "0", "lessThan": "4.11", "versionType": "semver"}, {"status": "unaffected", "version": "4.14.233", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.191", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.118", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.36", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.20", "versionType": "semver", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.3", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/cifs/smb2ops.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20"}, {"url": "https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54"}, {"url": "https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec"}, {"url": "https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0"}, {"url": "https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd"}, {"url": "https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f"}, {"url": "https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Return correct error code from smb2_get_enc_key\n\nAvoid a warning if the error percolates back up:\n\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.233", "versionStartIncluding": "4.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.191", "versionStartIncluding": "4.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.118", "versionStartIncluding": "4.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.36", "versionStartIncluding": "4.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.11.20", "versionStartIncluding": "4.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.12.3", "versionStartIncluding": "4.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.13", "versionStartIncluding": "4.11"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:01:13.365Z"}}}, "cveMetadata": {"cveId": "CVE-2021-46960", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:01:13.365Z", "dateReserved": "2024-02-27T18:42:55.941Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-27T18:46:59.919Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3CEB4F43-643B-4BF2-BC3B-FB797EC75463", "versionEndExcluding": "4.14.233", "versionStartIncluding": "4.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B6E6817-19A8-4C0A-8807-71DA48CF9191", "versionEndExcluding": "4.19.191", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C83F5505-AF9D-4F2A-8D37-A8EB73ED772D", "versionEndExcluding": "5.4.118", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "003E22D0-CA29-4338-8B35-0754C740074F", "versionEndExcluding": "5.10.36", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111", "versionEndExcluding": "5.11.20", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32", "versionEndExcluding": "5.12.3", "versionStartIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Return correct error code from smb2_get_enc_key\n\nAvoid a warning if the error percolates back up:\n\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cifs: devuelve el c\u00f3digo de error correcto de smb2_get_enc_key Evite una advertencia si el error se repite: [440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: no se pudo obtener la clave de cifrado [440700.386947] ------------[ cortar aqu\u00ed ]------------ [440700.386948] err = 1 [440700.386977] ADVERTENCIA: CPU: 11 PID: 2733 en / build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70 ... [440700.397304] CPU: 11 PID: 2733 Comm: tar Contaminado: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu... [440700.397334] Seguimiento de llamadas: [440700.397346] __filemap_set_wb_err+0x1a/0x70 [440700.397419] cifs_writepages+0x9c7/0xb30 [cifs ] [440700.397426] do_writepages+0x4b /0xe0 [440700.397444] __filemap_fdatawrite_range+0xcb/0x100 [440700.397455] filemap_write_and_wait+0x42/0xa0 [440700.397486] cifs_setattr+0x68b/0xf30 [cifs] [440700.39749 3] notify_change+0x358/0x4a0 [440700.397500] utimes_common+0xe9/0x1c0 [440700.397510] do_utimes+ 0xc5/0x150 [440700.397520] __x64_sys_utimensat+0x88/0xd0"}], "id": "CVE-2021-46960", "lastModified": "2024-12-11T14:47:28.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-27T19:04:06.860", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:2265", "cpe": "cpe:/o:redhat:rhel_aus:8.6", "package": "kernel-0:4.18.0-372.139.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-03-05T00:00:00Z"}, {"advisory": "RHSA-2025:2265", "cpe": "cpe:/o:redhat:rhel_tus:8.6", "package": "kernel-0:4.18.0-372.139.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-03-05T00:00:00Z"}, {"advisory": "RHSA-2025:2265", "cpe": "cpe:/o:redhat:rhel_e4s:8.6", "package": "kernel-0:4.18.0-372.139.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-03-05T00:00:00Z"}], "bugzilla": {"description": "kernel: cifs: Return correct error code from smb2_get_enc_key", "id": "2266822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266822"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-393", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncifs: Return correct error code from smb2_get_enc_key\nAvoid a warning if the error percolates back up:\n[440700.376476] CIFS VFS: \\\\otters.example.com crypt_message: Could not get encryption key\n[440700.386947] ------------[ cut here ]------------\n[440700.386948] err = 1\n[440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70\n...\n[440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu\n...\n[440700.397334] Call Trace:\n[440700.397346] __filemap_set_wb_err+0x1a/0x70\n[440700.397419] cifs_writepages+0x9c7/0xb30 [cifs]\n[440700.397426] do_writepages+0x4b/0xe0\n[440700.397444] __filemap_fdatawrite_range+0xcb/0x100\n[440700.397455] filemap_write_and_wait+0x42/0xa0\n[440700.397486] cifs_setattr+0x68b/0xf30 [cifs]\n[440700.397493] notify_change+0x358/0x4a0\n[440700.397500] utimes_common+0xe9/0x1c0\n[440700.397510] do_utimes+0xc5/0x150\n[440700.397520] __x64_sys_utimensat+0x88/0xd0"], "name": "CVE-2021-46960", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-46960\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46960\nhttps://lore.kernel.org/linux-cve-announce/2024022718-CVE-2021-46960-f5ac@gregkh/T/#u"], "statement": "No Red Hat Products are affected by this vulnerability.", "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object