PT-2021-7066 · Linux+8 · Linux Kernel+8
Published
2021-08-26
·
Updated
2023-11-09
·
CVE-2021-20322
CVSS v2.0
8.8
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A flaw in the processing of received ICMP errors, specifically ICMP fragment needed and ICMP redirect, allows an off-path remote user to quickly scan open UDP ports and bypass the source port UDP randomization. This issue affects confidentiality and possibly integrity, as software relying on UDP source port randomization is indirectly affected.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Use of Insufficiently Random Values
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu