Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-7bpf-1hfy-x3h5
Vulnerability ID VCID-7bpf-1hfy-x3h5
Aliases CVE-2021-3428
Summary A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
cvssv3 4.4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3428.json
epss 0.00024 https://api.first.org/data/v1/epss?cve=CVE-2021-3428
cvssv3.1 3.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux Medium https://security.archlinux.org/AVG-1693
archlinux Medium https://security.archlinux.org/AVG-1694
archlinux Medium https://security.archlinux.org/AVG-1695
archlinux Medium https://security.archlinux.org/AVG-1696
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3428.json
https://api.first.org/data/v1/epss?cve=CVE-2021-3428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3428
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1936786 https://bugzilla.redhat.com/show_bug.cgi?id=1936786
AVG-1693 https://security.archlinux.org/AVG-1693
AVG-1694 https://security.archlinux.org/AVG-1694
AVG-1695 https://security.archlinux.org/AVG-1695
AVG-1696 https://security.archlinux.org/AVG-1696
RHSA-2021:1578 https://access.redhat.com/errata/RHSA-2021:1578
RHSA-2021:1739 https://access.redhat.com/errata/RHSA-2021:1739
USN-4979-1 https://usn.ubuntu.com/4979-1/
USN-5137-1 https://usn.ubuntu.com/5137-1/
USN-5137-2 https://usn.ubuntu.com/5137-2/
USN-6001-1 https://usn.ubuntu.com/6001-1/
USN-6013-1 https://usn.ubuntu.com/6013-1/
USN-6014-1 https://usn.ubuntu.com/6014-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3428.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.06879
EPSS Score 0.00024
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:43:34.651005+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0