Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2021-46915
HistoryFeb 27, 2024 - 12:00 a.m.

CVE-2021-46915

2024-02-2700:00:00
ubuntu.com
ubuntu.com
5
linux kernel
cve-2021-46915
netfilter
nft_limit
divide error
security vulnerability
linux security

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.5 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_limit: avoid possible divide error in nft_limit_init
div_u64() divides u64 by u32. nft_limit_init() wants to divide u64 by u64,
use the appropriate math function (div64_u64) divide error: 0000 [#1]
PREEMPT SMP KASAN CPU: 1 PID: 8390 Comm: syz-executor188 Not tainted
5.12.0-rc4-syzkaller #0 Hardware name: Google Google Compute Engine/Google
Compute Engine, BIOS Google 01/01/2011 RIP: 0010:div_u64_rem
include/linux/math64.h:28 [inline] RIP: 0010:div_u64
include/linux/math64.h:127 [inline] RIP: 0010:nft_limit_init+0x2a2/0x5e0
net/netfilter/nft_limit.c:85 Code: ef 4c 01 eb 41 0f 92 c7 48 89 de e8 38
a5 22 fa 4d 85 ff 0f 85 97 02 00 00 e8 ea 9e 22 fa 4c 0f af f3 45 89 ed 31
d2 4c 89 f0 <49> f7 f5 49 89 c6 e8 d3 9e 22 fa 48 8d 7d 48 48 b8 00 00 00
00 00 RSP: 0018:ffffc90009447198 EFLAGS: 00010246 RAX: 0000000000000000
RBX: 0000200000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI:
ffffffff875152e6 RDI: 0000000000000003 RBP: ffff888020f80908 R08:
0000200000000000 R09: 0000000000000000 R10: ffffffff875152d8 R11:
0000000000000000 R12: ffffc90009447270 R13: 0000000000000000 R14:
0000000000000000 R15: 0000000000000000 FS: 000000000097a300(0000)
GS:ffff8880b9d00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000
CR0: 0000000080050033 CR2: 00000000200001c4 CR3: 0000000026a52000 CR4:
00000000001506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400 Call Trace: nf_tables_newexpr
net/netfilter/nf_tables_api.c:2675 [inline] nft_expr_init+0x145/0x2d0
net/netfilter/nf_tables_api.c:2713 nft_set_elem_expr_alloc+0x27/0x280
net/netfilter/nf_tables_api.c:5160 nf_tables_newset+0x1997/0x3150
net/netfilter/nf_tables_api.c:4321 nfnetlink_rcv_batch+0x85a/0x21b0
net/netfilter/nfnetlink.c:456 nfnetlink_rcv_skb_batch
net/netfilter/nfnetlink.c:580 [inline] nfnetlink_rcv+0x3af/0x420
net/netfilter/nfnetlink.c:598 netlink_unicast_kernel
net/netlink/af_netlink.c:1312 [inline] netlink_unicast+0x533/0x7d0
net/netlink/af_netlink.c:1338 netlink_sendmsg+0x856/0xd90
net/netlink/af_netlink.c:1927 sock_sendmsg_nosec net/socket.c:654 [inline]
sock_sendmsg+0xcf/0x120 net/socket.c:674 ____sys_sendmsg+0x6e8/0x810
net/socket.c:2350 ___sys_sendmsg+0xf3/0x170 net/socket.c:2404
__sys_sendmsg+0xe5/0x1b0 net/socket.c:2433 do_syscall_64+0x2d/0x70
arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xae

Related

redhatcve 1
cve 1
prion 1
debiancve 1
redhat 4
nessus 10
amazon 1
redos 1
openvas 1
redhatcve
redhatcve
CVE-2021-46915
2024-02-27 21:03:05
cve
cve
CVE-2021-46915
2024-02-27 07:15:08
prion
prion
Spoofing
2024-02-27 07:15:00
debiancve
debiancve
CVE-2021-46915
2024-02-27 07:15:08
redhat
redhat
(RHSA-2024:2585) Moderate: kernel-rt security and bug fix update
2024-04-30 14:02:51
(RHSA-2024:2582) Moderate: kernel security and bug fix update
2024-04-30 14:02:37
(RHSA-2024:2008) Important: kernel-rt security update
2024-04-23 16:20:36
nessus
nessus
RHEL 8 : kernel-rt (RHSA-2024:2008)
2024-04-24 00:00:00
RHEL 8 : kernel (RHSA-2024:2006)
2024-04-24 00:00:00
Amazon Linux 2 : kernel (ALAS-2021-1636)
2021-05-24 00:00:00
amazon
amazon
Medium: kernel
2021-05-20 15:51:00
redos
redos
ROS-20240418-07
2024-04-18 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:0857-1)
2024-03-25 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.5 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for UB:CVE-2021-46915
redhatcve1cve1prion1debiancve1redhat4nessus10amazon1redos1openvas1