PT-2021-8023 · Linux+3 · Linux Kernel+3

Syzbot · Published 2021-04-10 · Updated 2024-04-22 · CVE-2021-46915

CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.12.0-rc4-syzkaller

Description

The vulnerability is a divide error in the nft_limit_init() function, caused by its use of div_u64(), which divides a 64-bit unsigned integer by a 32-bit unsigned integer. nft_limit_init() wants to divide a 64-bit unsigned integer by another 64-bit unsigned integer, but it uses the wrong math function. This can lead to a divide error, causing the system to crash or become unstable.

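Why the narrower helper faults, shown as an added example that is neither kernel code nor part of the original advisory: a userspace C model of the two helper signatures, div_u64() with its 32-bit divisor and the kernel's 64-by-64 helper div64_u64(). The model_ functions, divisor_fits_u32() and all sample values are constructed for illustration, and the model returns -1 for a zero divisor instead of trapping.

```c
#include <stdint.h>
#include <stdio.h>

/* Models a helper that takes a 32-bit divisor, like div_u64(u64, u32).
 * Returns -1 where the real division would raise a divide error. */
static int model_div_u64(uint64_t dividend, uint32_t divisor, uint64_t *q)
{
    if (divisor == 0)
        return -1;
    *q = dividend / divisor;
    return 0;
}

/* Models a helper that takes a full 64-bit divisor, like div64_u64(u64, u64). */
static int model_div64_u64(uint64_t dividend, uint64_t divisor, uint64_t *q)
{
    if (divisor == 0)
        return -1;
    *q = dividend / divisor;
    return 0;
}

/* Audit check: does a 64-bit divisor keep its value when narrowed to 32 bits? */
static int divisor_fits_u32(uint64_t divisor)
{
    return divisor == (uint64_t)(uint32_t)divisor;
}

int main(void)
{
    const uint64_t dividend = 60000000000ULL;            /* constructed sample */
    const uint64_t divisors[] = { 1000, 1ULL << 32, (1ULL << 32) + 2 };

    for (unsigned i = 0; i < 3; i++) {
        uint64_t d = divisors[i], narrow = 0, wide = 0;
        /* The cast makes explicit what passing a u64 as a u32 argument does. */
        int rn = model_div_u64(dividend, (uint32_t)d, &narrow);
        int rw = model_div64_u64(dividend, d, &wide);

        printf("divisor=%llu fits_u32=%d narrow: rc=%d q=%llu | wide: rc=%d q=%llu\n",
               (unsigned long long)d, divisor_fits_u32(d), rn,
               (unsigned long long)narrow, rw, (unsigned long long)wide);
    }
    return 0;
}
```

A non-zero divisor whose low 32 bits are zero becomes 0 after narrowing, which is the divide-error case; a divisor that merely exceeds 32 bits does not fault but yields a silently wrong quotient.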
Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, update to a version later than 5.12.0-rc4-syzkaller.
As a temporary workaround, consider disabling the nft_limit_init function until a patch is available. However, this may have unintended consequences and should be done with caution.
It is also recommended to restrict access to the vulnerable nft_limit module to minimize the risk of exploitation.
Note: The above recommendations are based on the provided input data and may not be comprehensive or applicable in all scenarios.

Fix

Divide By Zero

Weakness Enumeration

Related Identifiers

BDU:2024-03146
CVE-2021-46915
OPENSUSE-SU-2024_0857-1
RHSA-2024:2006
RHSA-2024:2008
RHSA-2024:2582
RHSA-2024:2585
SUSE-SU-2024:0856-1
SUSE-SU-2024:0857-1
SUSE-SU-2024:0925-1
SUSE-SU-2024:0926-1
SUSE-SU-2024:0975-1
SUSE-SU-2024:0976-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse