{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-46950", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:45:52.722Z", "datePublished": "2024-02-27T18:40:34.106Z", "dateUpdated": "2024-08-04T05:17:43.080Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T04:59:24.022Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: properly indicate failure when ending a failed write request\n\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\n\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded)."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/md/raid1.c"], "versions": [{"version": "900c531899f5", "lessThan": "12216d0919b6", "status": "affected", "versionType": "git"}, {"version": "1cd972e0a107", "lessThan": "a6e17cab00fc", "status": "affected", "versionType": "git"}, {"version": "eeba6809d8d5", "lessThan": "6920cef604fa", "status": "affected", "versionType": "git"}, {"version": "eeba6809d8d5", "lessThan": "661061a45e32", "status": "affected", "versionType": "git"}, {"version": "eeba6809d8d5", "lessThan": "59452e551784", "status": "affected", "versionType": "git"}, {"version": "eeba6809d8d5", "lessThan": "538244fba59f", "status": "affected", "versionType": "git"}, {"version": "eeba6809d8d5", "lessThan": "2417b9869b81", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/md/raid1.c"], "versions": [{"version": "5.4", "status": "affected"}, {"version": "0", "lessThan": "5.4", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.233", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.191", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.118", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.36", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.11.20", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12.3", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/12216d0919b64ee2ea5dc7a50e455670f44383d5"}, {"url": "https://git.kernel.org/stable/c/a6e17cab00fc5bf85472434c52ac751426257c6f"}, {"url": "https://git.kernel.org/stable/c/6920cef604fa57f9409e3960413e9cc11f5c5a40"}, {"url": "https://git.kernel.org/stable/c/661061a45e32d8b2cc0e306da9f169ad44011382"}, {"url": "https://git.kernel.org/stable/c/59452e551784b7a57a45d971727e9db63b192515"}, {"url": "https://git.kernel.org/stable/c/538244fba59fde17186322776247cd9c05be86dd"}, {"url": "https://git.kernel.org/stable/c/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd"}], "title": "md/raid1: properly indicate failure when ending a failed write request", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46950", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-28T18:41:48.302276Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:22:03.896Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:43.080Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/12216d0919b64ee2ea5dc7a50e455670f44383d5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a6e17cab00fc5bf85472434c52ac751426257c6f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6920cef604fa57f9409e3960413e9cc11f5c5a40", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/661061a45e32d8b2cc0e306da9f169ad44011382", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/59452e551784b7a57a45d971727e9db63b192515", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/538244fba59fde17186322776247cd9c05be86dd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/12216d0919b64ee2ea5dc7a50e455670f44383d5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a6e17cab00fc5bf85472434c52ac751426257c6f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6920cef604fa57f9409e3960413e9cc11f5c5a40", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/661061a45e32d8b2cc0e306da9f169ad44011382", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/59452e551784b7a57a45d971727e9db63b192515", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/538244fba59fde17186322776247cd9c05be86dd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:43.080Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46950", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-28T18:41:48.302276Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:41.094Z"}}], "cna": {"title": "md/raid1: properly indicate failure when ending a failed write request", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "900c531899f5", "lessThan": "12216d0919b6", "versionType": "git"}, {"status": "affected", "version": "1cd972e0a107", "lessThan": "a6e17cab00fc", "versionType": "git"}, {"status": "affected", "version": "eeba6809d8d5", "lessThan": "6920cef604fa", "versionType": "git"}, {"status": "affected", "version": "eeba6809d8d5", "lessThan": "661061a45e32", "versionType": "git"}, {"status": "affected", "version": "eeba6809d8d5", "lessThan": "59452e551784", "versionType": "git"}, {"status": "affected", "version": "eeba6809d8d5", "lessThan": "538244fba59f", "versionType": "git"}, {"status": "affected", "version": "eeba6809d8d5", "lessThan": "2417b9869b81", "versionType": "git"}], "programFiles": ["drivers/md/raid1.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.4"}, {"status": "unaffected", "version": "0", "lessThan": "5.4", "versionType": "custom"}, {"status": "unaffected", "version": "4.14.233", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.191", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.118", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.36", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.20", "versionType": "custom", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.3", "versionType": "custom", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/md/raid1.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/12216d0919b64ee2ea5dc7a50e455670f44383d5"}, {"url": "https://git.kernel.org/stable/c/a6e17cab00fc5bf85472434c52ac751426257c6f"}, {"url": "https://git.kernel.org/stable/c/6920cef604fa57f9409e3960413e9cc11f5c5a40"}, {"url": "https://git.kernel.org/stable/c/661061a45e32d8b2cc0e306da9f169ad44011382"}, {"url": "https://git.kernel.org/stable/c/59452e551784b7a57a45d971727e9db63b192515"}, {"url": "https://git.kernel.org/stable/c/538244fba59fde17186322776247cd9c05be86dd"}, {"url": "https://git.kernel.org/stable/c/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: properly indicate failure when ending a failed write request\n\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\n\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded)."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T04:59:24.022Z"}}}, "cveMetadata": {"cveId": "CVE-2021-46950", "state": "PUBLISHED", "dateUpdated": "2024-08-04T05:17:43.080Z", "dateReserved": "2024-02-25T13:45:52.722Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-27T18:40:34.106Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "06219DEF-0B7F-4D93-9878-9DC640945517", "versionEndExcluding": "4.14.233", "versionStartIncluding": "4.14.147", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E80ED24-F781-449F-8035-CBA0FB5C6691", "versionEndExcluding": "4.19.191", "versionStartIncluding": "4.19.77", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "48875F15-B129-4684-8556-4EAD32A9586F", "versionEndExcluding": "5.3", "versionStartIncluding": "5.2.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9904B6DF-B2DB-4584-B17A-8EEC7C81258B", "versionEndExcluding": "5.4.118", "versionStartIncluding": "5.3.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "003E22D0-CA29-4338-8B35-0754C740074F", "versionEndExcluding": "5.10.36", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EEC03413-9760-46D4-AC1D-EB084A1D4111", "versionEndExcluding": "5.11.20", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9D6B2DE-7E4A-4B3B-9AEE-3A2C5F23DA32", "versionEndExcluding": "5.12.3", "versionStartIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: properly indicate failure when ending a failed write request\n\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\n\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded)."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: md/raid1: indica correctamente el error al finalizar una solicitud de escritura fallida. Este parche soluciona un error de corrupci\u00f3n de datos en matrices raid1 que utilizan mapas de bits. Sin esta soluci\u00f3n, los bits del mapa de bits de la E/S fallida terminan borr\u00e1ndose. Dado que estamos en el tramo fallido de raid1_end_write_request, es necesario volver a intentar la solicitud (R1BIO_WriteError) o fallar (R1BIO_Degraded)."}], "id": "CVE-2021-46950", "lastModified": "2024-08-22T20:28:57.697", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-27T19:04:06.420", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/12216d0919b64ee2ea5dc7a50e455670f44383d5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2417b9869b81882ab90fd5ed1081a1cb2d4db1dd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/538244fba59fde17186322776247cd9c05be86dd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/59452e551784b7a57a45d971727e9db63b192515"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/661061a45e32d8b2cc0e306da9f169ad44011382"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6920cef604fa57f9409e3960413e9cc11f5c5a40"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a6e17cab00fc5bf85472434c52ac751426257c6f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: md/raid1: properly indicate failure when ending a failed write request", "id": "2266504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266504"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmd/raid1: properly indicate failure when ending a failed write request\nThis patch addresses a data corruption bug in raid1 arrays using bitmaps.\nWithout this fix, the bitmap bits for the failed I/O end up being cleared.\nSince we are in the failure leg of raid1_end_write_request, the request\neither needs to be retried (R1BIO_WriteError) or failed (R1BIO_Degraded)."], "name": "CVE-2021-46950", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-46950\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46950\nhttps://lore.kernel.org/linux-cve-announce/20240227184057.2368370-15-gregkh@linuxfoundation.org/T/#u"], "threat_severity": "Moderate"}