Lucene search
LinuxVULNRICHMENT:CVE-2021-47109HistoryMar 15, 2024 - 8:14 p.m.
CVE-2021-47109 neighbour: allow NUD_NOARP entries to be forced GCed
2024-03-1520:14:18
Linux
github.com
5
linux kernel
vulnerability
neighbour table overflow
ipv6
commit 58956317c8de
garbage collection
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
15.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
neighbour: allow NUD_NOARP entries to be forced GCed
IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It’s possible to
fill up the neighbour table with enough entries that it will overflow for
valid connections after that.
This behaviour is more prevalent after commit 58956317c8de (“neighbor:
Improve garbage collection”) is applied, as it prevents removal from
entries that are not NUD_FAILED, unless they are more than 5s old.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "58956317c8de",
"lessThan": "d99029e6aab6",
"versionType": "git"
},
{
"status": "affected",
"version": "58956317c8de",
"lessThan": "d17d47da59f7",
"versionType": "git"
},
{
"status": "affected",
"version": "58956317c8de",
"lessThan": "ddf088d7aaaa",
"versionType": "git"
},
{
"status": "affected",
"version": "58956317c8de",
"lessThan": "7a6b1ab7475f",
"versionType": "git"
}
],
"programFiles": [
"net/core/neighbour.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "5.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "5.4.125",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.43",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.12.10",
"versionType": "custom",
"lessThanOrEqual": "5.12.*"
},
{
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"net/core/neighbour.c"
],
"defaultStatus": "affected"
}
]Related
redhatcve
redhatcve
CVE-2021-47109
2024-03-16 19:07:13
cve
cve
CVE-2021-47109
2024-03-15 21:15:06
debiancve
debiancve
CVE-2021-47109
2024-03-15 21:15:06
cvelist
cvelist
CVE-2021-47109 neighbour: allow NUD_NOARP entries to be forced GCed
2024-03-15 20:14:18
ubuntucve
ubuntucve
CVE-2021-47109
2024-03-15 00:00:00
nvd
nvd
CVE-2021-47109
2024-03-15 21:15:06
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-004)
2022-05-02 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-002)
2022-05-02 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1489-1)
2024-08-20 00:00:00
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
15.5%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2021-47109