High severity7.5NVD Advisory· Published Aug 8, 2021· Updated May 12, 2026

CVE-2021-38202

Description

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

Affected products

NetApp/Element Software
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
NetApp/Hci Management Node
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
NetApp/Solidfire
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <5.13.4
NetApp/Hci Bootstrap Os
cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*
Linux/Linux kerneldescription

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4nvdMailing ListPatchVendor Advisory
github.com/torvalds/linux/commit/7b08cf62b1239a4322427d677ea9363f0ab677c6nvdPatchThird Party Advisory
security.netapp.com/advisory/ntap-20210902-0010/nvdThird Party Advisory
cert-portal.siemens.com/productcert/html/ssa-265688.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000