PT-2021-3379 · Linux+3 · Xen-Netback+3

Michael Brown · Published 2021-05-19 · Updated 2025-02-27 · CVE-2021-28691

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux xen-netback (affected versions not specified)

Description

A use-after-free issue exists in Linux xen-netback due to insufficient input validation. It can be triggered by a malicious or buggy network PV frontend sending a malformed packet, which causes the interface to be disabled and the receive kernel thread associated with queue 0 to terminate. When the backend is later destroyed, the kernel thread associated with queue 0 has already exited, so kthread_stop() is called against a stale pointer and a use-after-free occurs. Exploitation of this issue may allow a remote attacker to elevate privileges or disclose protected information.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Use After Free

Weakness Enumeration

Related Identifiers

ALT-PU-2021-1833
ALT-PU-2021-1888
ALT-PU-2021-1896
ALT-PU-2021-1989
ALT-PU-2021-1990
ALT-PU-2021-2012
ALT-PU-2021-2042
ALT-PU-2021-2370
ALT-PU-2021-2672
ALT-PU-2021-2677
ALT-PU-2021-2678
ALT-PU-2021-3481
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6537
BDU:2021-03230
CVE-2021-28691
MGASA-2021-0257
MGASA-2021-0258
USN-5015-1
USN-5046-1
USN-5050-1

Affected Products

Alt Linux
Linuxmint
Ubuntu
Xen-Netback