CVE-2021-47309

A vulnerability was found in the Linux kernel's networking component, where the skbtunnelinfo function can return unvalidated data. This issue arises because the function does not check the type of lwtstate-data before using it, which could lead to accessing incompatible data types and cause memo...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309 net: validate lwtstate->data before returning from skb_tunnel_info()

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...

CVE-2021-47309

CVE-2021-47309 affects the Linux kernel's net/tunnel code: skb_tunnel_info() may return a pointer to lwtstate->data without validating its type, risking out-of-bounds reads such as during VXLAN routing. Connected advisories (SUSE-SU-2024:2561-1 and related OSV/Nessus entries) confirm the fix i...