CVE-2021-3997

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-3997
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3997.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-3997
Downstream
Related
Published
2022-08-23T20:15:08.670Z
Modified
2026-02-24T11:40:48.754567Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.

References

Affected packages

Git / github.com/systemd/systemd

Affected ranges

Type
GIT
Repo
https://github.com/systemd/systemd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5b1cf7a9be37e20133c0208005274ce4a5b5c6a1
Introduced
1742aae2aa8cd33897250d6fcfbe10928e43eb2f
Fixed
5b1cf7a9be37e20133c0208005274ce4a5b5c6a1

Affected versions

Other
v240
v241
v241-rc1
v241-rc2
v242
v242-rc1
v242-rc2
v242-rc3
v242-rc4
v243
v243-rc1
v243-rc2
v244
v244-rc1
v245
v245-rc1
v245-rc2
v246
v246-rc1
v246-rc2
v247
v247-rc1
v247-rc2
v248
v248-2
v248-rc1
v248-rc2
v248-rc3
v248-rc4
v249
v249-rc1
v249-rc2
v249-rc3
v250-rc1
v250-rc2
v250-rc3
v243.*
v243.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3997.json"
vanir_signatures 
[
    {
        "source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
        "deprecated": false,
        "target": {
            "file": "src/shared/rm-rf.c",
            "function": "rm_rf_child"
        },
        "id": "CVE-2021-3997-6a8a21dd",
        "digest": {
            "function_hash": "152686987549912463405269971488872005473",
            "length": 374.0
        },
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
        "deprecated": false,
        "target": {
            "file": "src/shared/rm-rf.c"
        },
        "id": "CVE-2021-3997-6b8b0b9c",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "141059355148544141293040271256544830855",
                "271863013398583989321240070374819670523",
                "228971154362777753928237616299595924467",
                "308348084867573838604725970801116999705",
                "307025307951600897979919517052529779253",
                "338350324921210462470263433352324911282",
                "192154184935525849228435792170020069320",
                "280789311380948667402732362737158156889",
                "264597111413886913152323701891588993382",
                "256887911420346574408272071355921538933",
                "328406928109304382119466785545731527959",
                "41551315246691024358959863619875750136",
                "199560534661790956545842687418810017766",
                "98064436967192965117265062227544444141",
                "6287514093111138238519327041296250564",
                "183497168408929373208208423829613982063",
                "327364442073884713182144000353930405550",
                "322343212042555516710981669703216822443",
                "24434364108870080509341000682990728693",
                "206306710893498169848089350935034450533",
                "30689134740406525465723433486422757273",
                "214290727596238076791888704119638909193",
                "125770284566057705755795621386103043619",
                "252695143431716253583142052668586606110",
                "108265301864431638992181516547554761952",
                "266365014111071281298709426138262381904",
                "46948499266177634006902575560569982375",
                "89486483915561455161558219845892839265",
                "287484311514395999357363468442542925091",
                "306672849305815010578515794378512303601",
                "231572884905197969578151548572960742824",
                "78181398051249997504815273132306369026",
                "283880167161998010273238992838564078800",
                "333196349815038581767137659710980237366",
                "275402849731713112534279470869426164509",
                "288433695480066921809770885331249208000",
                "41667702630740219319440261989513410238",
                "301422066199264835404429494018589251570",
                "300846258108732668805703251485279797812",
                "132145170508849859671736946313352248665",
                "288841721094866297481748251573369819975",
                "130279619160761801421900558515089412022",
                "184502985079593731017063554304716951778",
                "317692637574415759098100762527879892193",
                "93162723077210066901454159517654977704",
                "95301525587488458463968782939112753557",
                "23642242404373417573687913078959985365",
                "1176026573078755885362246484018572452",
                "111246283796628823523612284250177129595",
                "237633678778945447366906973692170663888",
                "204774012897229626883280852058738292043",
                "160753553745858418934201696443564894635",
                "161979008750180914801207475062021616478",
                "298034889620248263093157551230389449581",
                "248286279177217872012701733048433423993",
                "273378299949664057726970313396453546202",
                "56847066222386533058889477953642792645",
                "316129621080861538859111446005245517555",
                "110279963301713273990665498833284756219",
                "144352059504979618277315822688088185916",
                "207680219152064867667863023483177360637",
                "27421482080761561801827299843855363748",
                "19960656312339701682011485471400343449",
                "309528232059233501037522944176196974145",
                "226582383771226281048638889415553312366",
                "106598958827103401935171719550772881178",
                "207112453942721093310945028792587825529",
                "253060193845939235818050690179588838694"
            ]
        },
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
        "deprecated": false,
        "target": {
            "file": "src/shared/rm-rf.c",
            "function": "rm_rf_children_inner"
        },
        "id": "CVE-2021-3997-86c73fc1",
        "digest": {
            "function_hash": "56574712255166263395916226055837217013",
            "length": 1256.0
        },
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "source": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
        "deprecated": false,
        "target": {
            "file": "src/shared/rm-rf.c",
            "function": "rm_rf_children"
        },
        "id": "CVE-2021-3997-ff3c43c6",
        "digest": {
            "function_hash": "332255085639802175830221466956067031857",
            "length": 998.0
        },
        "signature_version": "v1",
        "signature_type": "Function"
    }
]