High severity7.1NVD Advisory· Published Oct 11, 2021· Updated Jun 17, 2026
CVE-2021-42257
CVE-2021-42257
Description
check_smart before 6.9.1 allows unintended drive access by an unprivileged user because it only checks for a substring match of a device path (the /dev/bus substring and a number), aka an unanchored regular expression.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- check_smart/check_smartdescription
- Range: <6.9.1
Patches
Vulnerability mechanics
References
5- www.openwall.com/lists/oss-security/2021/10/14/2nvdExploitThird Party Advisory
- bugzilla.suse.com/show_bug.cginvdExploitIssue TrackingPatchThird Party Advisory
- www.claudiokuenzler.com/blog/1068/check_smart-6.9.1-security-fix-release-pseudo-device-pathnvdThird Party Advisory
- www.claudiokuenzler.com/monitoring-plugins/check_smart.phpnvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2021-42257nvd
News mentions
0No linked articles in our index yet.