CVE-2021-3997
- Source
- https://cve.org/CVERecord?id=CVE-2021-3997
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3997.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-3997
- Downstream
- Related
- Published
- 2022-08-23T20:15:08.670Z
- Modified
- 2026-05-18T22:58:12.288085Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.
- Database specific
{ "unresolved_ranges": [ { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*" ], "vendor_product": "fedoraproject:fedora", "extracted_events": [ { "last_affected": "34" }, { "last_affected": "35" } ] }, { "source": "CPE_FIELD", "cpes": [ "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*" ], "vendor_product": "redhat:enterprise_linux", "extracted_events": [ { "last_affected": "7.0" }, { "last_affected": "8.0" }, { "last_affected": "9.0" } ] } ] }- References
Affected packages
Git / github.com/systemd/systemd
Affected versions
Other
v240
v241
v241-rc1
v241-rc2
v242
v242-rc1
v242-rc2
v242-rc3
v242-rc4
v243
v243-rc1
v243-rc2
v244
v244-rc1
v245
v245-rc1
v245-rc2
v246
v246-rc1
v246-rc2
v247
v247-rc1
v247-rc2
v248
v248-2
v248-rc1
v248-rc2
v248-rc3
v248-rc4
v249
v249-rc1
v249-rc2
v249-rc3
v250
v250-rc1
v250-rc2
v250-rc3
v250.*
v250.1
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "185979649040454291352028384744579284254",
"length": 1126.0
},
"signature_type": "Function",
"source": "https://github.com/systemd/systemd/commit/617c67a039b25139e5516aa48931c7024c6f8dc5",
"signature_version": "v1",
"target": {
"function": "lsm_bpf_supported",
"file": "src/core/bpf-lsm.c"
},
"id": "CVE-2021-3997-0191928f",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"232824255401767527882159588300249583897",
"139541591999350747288877596287582325781",
"48873728193042033972757482948885216072",
"279905846686783546131062549597754248093",
"40943845109007403552630436406116122814",
"179031166932765664448266696954928194792"
]
},
"signature_type": "Line",
"source": "https://github.com/systemd/systemd/commit/617c67a039b25139e5516aa48931c7024c6f8dc5",
"signature_version": "v1",
"target": {
"file": "src/core/bpf-lsm.c"
},
"id": "CVE-2021-3997-0291008d",
"deprecated": false
},
{
"digest": {
"function_hash": "152686987549912463405269971488872005473",
"length": 374.0
},
"signature_type": "Function",
"source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
"signature_version": "v1",
"target": {
"function": "rm_rf_child",
"file": "src/shared/rm-rf.c"
},
"id": "CVE-2021-3997-6a8a21dd",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"141059355148544141293040271256544830855",
"271863013398583989321240070374819670523",
"228971154362777753928237616299595924467",
"308348084867573838604725970801116999705",
"307025307951600897979919517052529779253",
"338350324921210462470263433352324911282",
"192154184935525849228435792170020069320",
"280789311380948667402732362737158156889",
"264597111413886913152323701891588993382",
"256887911420346574408272071355921538933",
"328406928109304382119466785545731527959",
"41551315246691024358959863619875750136",
"199560534661790956545842687418810017766",
"98064436967192965117265062227544444141",
"6287514093111138238519327041296250564",
"183497168408929373208208423829613982063",
"327364442073884713182144000353930405550",
"322343212042555516710981669703216822443",
"24434364108870080509341000682990728693",
"206306710893498169848089350935034450533",
"30689134740406525465723433486422757273",
"214290727596238076791888704119638909193",
"125770284566057705755795621386103043619",
"252695143431716253583142052668586606110",
"108265301864431638992181516547554761952",
"266365014111071281298709426138262381904",
"46948499266177634006902575560569982375",
"89486483915561455161558219845892839265",
"287484311514395999357363468442542925091",
"306672849305815010578515794378512303601",
"231572884905197969578151548572960742824",
"78181398051249997504815273132306369026",
"283880167161998010273238992838564078800",
"333196349815038581767137659710980237366",
"275402849731713112534279470869426164509",
"288433695480066921809770885331249208000",
"41667702630740219319440261989513410238",
"301422066199264835404429494018589251570",
"300846258108732668805703251485279797812",
"132145170508849859671736946313352248665",
"288841721094866297481748251573369819975",
"130279619160761801421900558515089412022",
"184502985079593731017063554304716951778",
"317692637574415759098100762527879892193",
"93162723077210066901454159517654977704",
"95301525587488458463968782939112753557",
"23642242404373417573687913078959985365",
"1176026573078755885362246484018572452",
"111246283796628823523612284250177129595",
"237633678778945447366906973692170663888",
"204774012897229626883280852058738292043",
"160753553745858418934201696443564894635",
"161979008750180914801207475062021616478",
"298034889620248263093157551230389449581",
"248286279177217872012701733048433423993",
"273378299949664057726970313396453546202",
"56847066222386533058889477953642792645",
"316129621080861538859111446005245517555",
"110279963301713273990665498833284756219",
"144352059504979618277315822688088185916",
"207680219152064867667863023483177360637",
"27421482080761561801827299843855363748",
"19960656312339701682011485471400343449",
"309528232059233501037522944176196974145",
"226582383771226281048638889415553312366",
"106598958827103401935171719550772881178",
"207112453942721093310945028792587825529",
"253060193845939235818050690179588838694"
]
},
"signature_type": "Line",
"source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
"signature_version": "v1",
"target": {
"file": "src/shared/rm-rf.c"
},
"id": "CVE-2021-3997-6b8b0b9c",
"deprecated": false
},
{
"digest": {
"function_hash": "56574712255166263395916226055837217013",
"length": 1256.0
},
"signature_type": "Function",
"source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
"signature_version": "v1",
"target": {
"function": "rm_rf_children_inner",
"file": "src/shared/rm-rf.c"
},
"id": "CVE-2021-3997-86c73fc1",
"deprecated": false
},
{
"digest": {
"function_hash": "332255085639802175830221466956067031857",
"length": 998.0
},
"signature_type": "Function",
"source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
"signature_version": "v1",
"target": {
"function": "rm_rf_children",
"file": "src/shared/rm-rf.c"
},
"id": "CVE-2021-3997-ff3c43c6",
"deprecated": false
}
]
vanir_signatures_modified
"2026-05-18T22:58:12Z"
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3997.json"
Git / github.com/systemd/systemd-stable
Affected versions
Other
v240
v241
v241-rc1
v241-rc2
v242
v242-rc1
v242-rc2
v242-rc3
v242-rc4
v243
v243-rc1
v243-rc2
v244
v244-rc1
v245
v245-rc1
v245-rc2
v246
v246-rc1
v246-rc2
v247
v247-rc1
v247-rc2
v248
v248-2
v248-rc1
v248-rc2
v248-rc3
v248-rc4
v249
v249-rc1
v249-rc2
v249-rc3
v250
v250-rc1
v250-rc2
v250-rc3
v250.*
v250.1
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "185979649040454291352028384744579284254",
"length": 1126.0
},
"signature_type": "Function",
"source": "https://github.com/systemd/systemd-stable/commit/617c67a039b25139e5516aa48931c7024c6f8dc5",
"signature_version": "v1",
"target": {
"function": "lsm_bpf_supported",
"file": "src/core/bpf-lsm.c"
},
"id": "CVE-2021-3997-4691a4eb",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"232824255401767527882159588300249583897",
"139541591999350747288877596287582325781",
"48873728193042033972757482948885216072",
"279905846686783546131062549597754248093",
"40943845109007403552630436406116122814",
"179031166932765664448266696954928194792"
]
},
"signature_type": "Line",
"source": "https://github.com/systemd/systemd-stable/commit/617c67a039b25139e5516aa48931c7024c6f8dc5",
"signature_version": "v1",
"target": {
"file": "src/core/bpf-lsm.c"
},
"id": "CVE-2021-3997-fa78c1c1",
"deprecated": false
}
]
vanir_signatures_modified
"2026-05-18T22:58:12Z"
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3997.json"