Denial of Service Vulnerability in CORTX-S3 Server by Seagate
CVE-2021-43429

7.5HIGH

Key Information:

Vendor

Seagate

Status
Cortx-s3 Server
Vendor
CVE Published:
7 April 2022

What is CVE-2021-43429?

A Denial of Service issue has been identified in CORTX-S3 Server, resulting from a failure in the mempool_destroy method to properly release locks associated with the pool. This oversight can lead to system resource exhaustion, affecting the overall stability and availability of the server. It's crucial for users of CORTX-S3 Server to be aware of this vulnerability to ensure that their systems remain secure and functional.

References

https://github.com/Seagate/cortx-s3server/issues/1037
x_refsource_MISC
https://github.com/Seagate/cortx-s3server/pull/1041
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.