CVE-2021-46960

cifs: Return correct error code from smb2_get_enc_key

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: Return correct error code from smb2_get_enc_key Avoid a warning if the error percolates back up: [440700.376476] CIFS VFS: \\otters.example.com crypt_message: Could not get encryption key [440700.386947] ------------[ cut here ]------------ [440700.386948] err = 1 [440700.386977] WARNING: CPU: 11 PID: 2733 at /build/linux-hwe-5.4-p6lk6L/linux-hwe-5.4-5.4.0/lib/errseq.c:74 errseq_set+0x5c/0x70 ... [440700.397304] CPU: 11 PID: 2733 Comm: tar Tainted: G OE 5.4.0-70-generic #78~18.04.1-Ubuntu ... [440700.397334] Call Trace: [440700.397346] __filemap_set_wb_err+0x1a/0x70 [440700.397419] cifs_writepages+0x9c7/0xb30 [cifs] [440700.397426] do_writepages+0x4b/0xe0 [440700.397444] __filemap_fdatawrite_range+0xcb/0x100 [440700.397455] filemap_write_and_wait+0x42/0xa0 [440700.397486] cifs_setattr+0x68b/0xf30 [cifs] [440700.397493] notify_change+0x358/0x4a0 [440700.397500] utimes_common+0xe9/0x1c0 [440700.397510] do_utimes+0xc5/0x150 [440700.397520] __x64_sys_utimensat+0x88/0xd0

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/e94851629c49c65b4fbb29a5725ddfd7988f8f20 patch
https://git.kernel.org/stable/c/e486f8397f3f14a7cadc166138141fdb14379a54 patch
https://git.kernel.org/stable/c/93f3339b22ba17e66f0808737467b70ba087eaec patch
https://git.kernel.org/stable/c/aaa0faa5c28a91c362352d6b35dc3ed10df56fb0 patch
https://git.kernel.org/stable/c/f59a9242942fef0de7b926e438ba4eae65d4b4dd patch
https://git.kernel.org/stable/c/b399c1a3ea0b9d10047ff266d65533df7f15532f patch
https://git.kernel.org/stable/c/83728cbf366e334301091d5b808add468ab46b27 patch

Frequently Asked Questions

What is the severity of CVE-2021-46960?
CVE-2021-46960 has been scored as a medium severity vulnerability.
How to fix CVE-2021-46960?
To fix CVE-2021-46960, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-46960 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-46960 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-46960?
CVE-2021-46960 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.