CVE-2021-47291 : In the Linux kernel, the following vulnerability has been resolved: ipv6: fix a

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79fe46 ("ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions"). We additionally need to take care of fib6_metrics initialization failure when the caller provides an nh. The fix is similar, explicitly free the route instead of calling fib6_info_release on a half-initialized object.

Published 2024-05-21 14:35:16

Updated 2024-12-23 16:47:57

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47291

Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.54
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.13.6
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.3 and before (<) 5.4.136
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC1
cpe:2.3:o:linux:linux_kernel:5.14:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.14 Update RC2
cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47291

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47291

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H	1.8	5.2	NIST	2024-12-23
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: High

CWE ids for CVE-2021-47291

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-47291

https://git.kernel.org/stable/c/830251361425c5be044db4d826aaf304ea3d14c6

ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/115784bcccf135c3a3548098153413d76f16aae0

ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/ce8fafb68051fba52546f8bbe8621f7641683680

ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/8fb4792f091e608a0a1d353dfdf07ef55a719db5

ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47291

Products affected by CVE-2021-47291

Exploit prediction scoring system (EPSS) score for CVE-2021-47291

CVSS scores for CVE-2021-47291

CWE ids for CVE-2021-47291

References for CVE-2021-47291