PT-2021-2614 · Linux+6 · Linux Kernel+6

Syzbot

Published

2021-03-15

Updated

2023-05-17

CVE-2021-29646

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.11.11

Description An issue was discovered in the Linux kernel where the tipc nl retrieve key function in net/tipc/node.c does not properly validate certain data sizes. This could allow an attacker to cause a denial of service.

Recommendations For Linux kernel versions prior to 5.11.11, update to version 5.11.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the tipc nl retrieve key function in net/tipc/node.c to minimize the risk of exploitation.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

ALSA-2021:4356

ALT-PU-2021-1582

ALT-PU-2021-1609

ALT-PU-2021-1869

ALT-PU-2021-1888

ALT-PU-2021-1896

ALT-PU-2022-1240

ALT-PU-2022-1419

ALT-PU-2022-1421

ALT-PU-2023-1814

AZL-6549

BDU:2021-02104

CESA-2021_4140

CESA-2021_4356

CVE-2021-29646

RHSA-2021:4140

RHSA-2021:4356

RHSA-2021_4140

RHSA-2021_4356

USN-4947-1

USN-4948-1

USN-4949-1

Affected Products

Alt Linux

Almalinux

Centos

Linuxmint

Linux Kernel

Red Hat

Ubuntu

PT-2021-2614 · Linux+6 · Linux Kernel+6

CVE-2021-29646

Weakness Enumeration

Related Identifiers

Affected Products

References · 109