UBUNTU-CVE-2021-3348

Advisory lineage Upstream: 1 Downstream: 4
Upstream
CVE-2021-3348
Published: 01 Feb 2021, 04:15
Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)
medium
28/100
CVSS Score
7 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

01 Feb 2021, 04:15
Published
Vulnerability first disclosed
03 Jun 2026, 13:34
Last Modified
Vulnerability information updated

Description

nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.

CVSS Metrics

  • v3.1HIGHScore: 7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

  • ubuntulinux

    < 4.15.0-141.145 | < 5.4.0-71.79

  • ubuntulinux-aws

    < 4.15.0-1098.105 | < 5.4.0-1043.45

  • ubuntulinux-aws-5.0

    all

  • ubuntulinux-aws-5.3

    all

  • ubuntulinux-aws-5.4

    < 5.4.0-1043.45~18.04.1

  • ubuntulinux-aws-fips

    < 4.15.0-2041.43 | all | < 5.4.0-1069.73+fips2

  • ubuntulinux-aws-hwe

    < 4.15.0-1098.105~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1112.124~14.04.1 | < 4.15.0-1112.124~16.04.1 | all | < 5.4.0-1044.46

  • ubuntulinux-azure-4.15

    < 4.15.0-1112.125

  • ubuntulinux-azure-5.3

    all

  • ubuntulinux-azure-5.4

    < 5.4.0-1044.46~18.04.1

  • ubuntulinux-azure-edge

    all

  • ubuntulinux-azure-fips

    < 4.15.0-2024.27 | all | < 5.4.0-1073.76+fips1

  • ubuntulinux-bluefield

    all

  • ubuntulinux-dell300x

    < 4.15.0-1016.20

  • ubuntulinux-fips

    < 4.15.0-1057.65 | all

  • ubuntulinux-gcp

    < 4.15.0-1097.110~16.04.1 | all | < 5.4.0-1041.44

  • ubuntulinux-gcp-4.15

    < 4.15.0-1097.110

  • ubuntulinux-gcp-5.3

    all

  • ubuntulinux-gcp-5.4

    < 5.4.0-1041.44~18.04.1

  • ubuntulinux-gcp-edge

    all

  • ubuntulinux-gcp-fips

    all | < 5.4.0-1067.71~20.04.1

  • ubuntulinux-gke

    < 5.4.0-1041.43

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.4

    < 5.4.0-1040.42~18.04.1

  • ubuntulinux-gkeop

    < 5.4.0-1013.14

  • ubuntulinux-gkeop-5.4

    < 5.4.0-1013.14~18.04.1

  • ubuntulinux-hwe

    < 4.15.0-142.146~16.04.1 | all

  • ubuntulinux-hwe-5.4

    < 5.4.0-71.79~18.04.1

  • ubuntulinux-hwe-5.8

    < 5.8.0-49.55~20.04.1

  • ubuntulinux-hwe-edge

    all | all

  • ubuntulinux-intel-iot-realtime

    all

  • ubuntulinux-kvm

    < 4.15.0-1089.91 | < 5.4.0-1037.38

  • ubuntulinux-nvidia

    all

  • ubuntulinux-oem

    all

  • ubuntulinux-oem-5.10

    < 5.10.0-1017.18

  • ubuntulinux-oem-5.6

    all

  • ubuntulinux-oracle

    < 4.15.0-1069.77~16.04.1 | < 4.15.0-1069.77 | < 5.4.0-1042.45

  • ubuntulinux-oracle-5.0

    all

  • ubuntulinux-oracle-5.3

    all

  • ubuntulinux-oracle-5.4

    < 5.4.0-1042.45~18.04.1

  • ubuntulinux-raspi

    < 5.4.0-1033.36

  • ubuntulinux-raspi-5.4

    < 5.4.0-1033.36~18.04.1

  • ubuntulinux-raspi-realtime

    all

  • ubuntulinux-raspi2

    < 4.15.0-1083.88 | all

  • ubuntulinux-realtime

    all

  • ubuntulinux-riscv

    all

  • ubuntulinux-riscv-5.8

    < 5.8.0-22.24~20.04.1

  • ubuntulinux-snapdragon

    < 4.15.0-1100.109

References (8)