PT-2021-8146 · Linux+4 · Linux Kernel+4

Ignat Korchagin · Published 2021-12-23 · Updated 2024-10-31 · CVE-2021-47099

CVSS v2.0

6.2 Medium

Vector

AV:L/AC:L/Au:S/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.16.0-rc5+

Description

The vulnerability is related to the veth component of the Linux kernel, which fails to properly check for shared or cloned skbs when GRO is enabled on a veth device and TSO is disabled on the peer device. This can lead to a kernel bug and potentially cause a denial of service. The issue is addressed by skipping the GRO stage for shared or cloned skbs and trying to unclone the skbs before giving up.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, versions prior to 5.16.0-rc5+ are affected, so updating to 5.16.0-rc5+ or later should resolve the issue.

Note: The provided information does not specify the exact version that includes the fix, but it is clear that versions prior to 5.16.0-rc5+ are vulnerable.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2024-08418
CESA-2022_7444
CESA-2022_7683
CVE-2021-47099
OPENSUSE-SU-2024_1321-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
RHSA-2022:7444
RHSA-2022:7683
RHSA-2022:7933
RHSA-2022:8267
RHSA-2022_7444
RHSA-2022_7683
RHSA-2022_7933
RHSA-2022_8267
RHSA-2024:1877
SUSE-SU-2024:1320-1
SUSE-SU-2024:1321-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1

Affected Products

Centos
Linux Kernel
Red Hat
Red Os
Suse