CVE-2021-3997

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
systemd_projectsystemd
240 ≤
𝑥
< 250.2
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
systemd
bullseye
247.3-7+deb11u5
fixed
buster
ignored
stretch
ignored
bullseye (security)
247.3-7+deb11u6
fixed
bookworm
252.30-1~deb12u2
fixed
sid
256.7-3
fixed
trixie
256.7-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
systemd
impish
Fixed 248.3-1ubuntu8.2
released
hirsute
Fixed 247.3-3ubuntu3.7
released
focal
Fixed 245.4-4ubuntu3.15
released
bionic
ignored
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2021-3997
https://bugzilla.redhat.com/show_bug.cgi?id=2024639
https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1
https://security.gentoo.org/glsa/202305-15
https://www.openwall.com/lists/oss-security/2022/01/10/2
https://access.redhat.com/security/cve/CVE-2021-3997
https://bugzilla.redhat.com/show_bug.cgi?id=2024639
https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1
https://security.gentoo.org/glsa/202305-15
https://www.openwall.com/lists/oss-security/2022/01/10/2