Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-45486
HistoryDec 25, 2021 - 12:00 a.m.

CVE-2021-45486

2021-12-2500:00:00
ubuntu.com
ubuntu.com
33
linux kernel
ipv4
information leak
cve-2021-45486
hash table
net/ipv4/route.c
unix

CVSS2

2.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:S/C:P/I:N/A:N

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

17.9%

In the IPv4 implementation in the Linux kernel before 5.12.4,
net/ipv4/route.c has an information leak because the hash table is very
small.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-156.163UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-77.86UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-223.256UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1111.118UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1051.53UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1103.108UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1139.153UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1051.53~18.04.1UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1111.118~16.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1051.53UNKNOWN
Rows per page:
1-10 of 401

CVSS2

2.7

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:S/C:P/I:N/A:N

CVSS3

3.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

17.9%