PT-2021-2611 · Linux+8 · Linux Kernel+8
Published
2021-03-15
·
Updated
2023-06-27
·
CVE-2021-29650
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.11.11
Description
The issue is related to errors in synchronization within the netfilter subsystem of the Linux kernel. Exploitation of this issue can allow an attacker to cause a denial of service, leading to a system panic. The problem arises because net/netfilter/x tables.c and include/linux/netfilter/x tables.h lack a full memory barrier upon the assignment of a new table value.
Recommendations
For Linux kernel versions prior to 5.11.11, update to version 5.11.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the netfilter subsystem to minimize the risk of exploitation.
Fix
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu