CVE-2021-46992

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.12.0-rc7-syzkaller

Description The vulnerability is related to netfilter: nftables, where overflows can occur in nft hash buckets() due to the number of buckets being stored in 32-bit variables. This issue was identified by syzbot, which injected a size of 0x40000000 and reported a UBSAN: shift-out-of-bounds error in ./include/linux/log2.h. The error occurs because the shift exponent 64 is too large for a 64-bit type 'long unsigned int'. The vulnerability affects the Linux kernel and is related to the nft hash buckets function.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the netfilter: nftables vulnerability. As a temporary workaround, consider disabling the nft hash buckets function until a patch is available. However, since the provided information does not specify the exact fixed version, it is recommended to update to the latest available Linux kernel version.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.