CVE-2021-47036

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the Linux kernel's handling of UDP tunnel packets. When NETIF F GRO FRAGLIST or NETIF F GRO UDP FWD are enabled and UDP tunnels are available, the udp gro receive() function could perform L4 aggregation at the outer UDP tunnel level, leading to inner protocol corruption. This can cause issues with packets carrying vxlan headers, where different vxlan ids may be ignored or aggregated to the same GSO packet. To resolve this, the code path for SKB GSO UDP L4 and SKB GSO FRAGLIST is skipped if the packet could land in a UDP tunnel, and udp gro receive() is allowed to do GRO via udp sk(sk)->gro receive. The check implemented is broader than necessary, but covering the corner case would add complexity.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.