QwikSec

Security Database

CVE

CWE

Training

CVE-2020-35513

Published: Jan 25, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with access to the NFS could use this flaw to starve the resources causing denial of service.

Vendor	Product	Versions
n/a	kernel	affected `before kernel 4.17-rc1`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=1911309

x_refsource_MISC

https://patchwork.kernel.org/project/linux-nfs/patch/20180403203916.GH20297%40fieldses.org/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.