In the Linux kernel, the following vulnerability has been resolved:
neighbour: allow NUD_NOARP entries to be forced GCed IFF_POINTOPOINT
interfaces use NUD_NOARP entries for IPv6. It’s possible to fill up the
neighbour table with enough entries that it will overflow for valid
connections after that. This behaviour is more prevalent after commit
58956317c8de (“neighbor: Improve garbage collection”) is applied, as it
prevents removal from entries that are not NUD_FAILED, unless they are more
than 5s old.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < 5.4.0-81.91 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1055.58 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1056.58 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-5.4 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-bluefield | < 5.4.0-1019.22 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gcp | < 5.4.0-1051.55 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-gcp-5.4 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-gkeop | < 5.4.0-1022.23 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-hwe-5.4 | < any | UNKNOWN |
git.kernel.org/linus/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f (5.13-rc7)
git.kernel.org/stable/c/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f
git.kernel.org/stable/c/d17d47da59f726dc4c87caebda3a50333d7e2fd3
git.kernel.org/stable/c/d99029e6aab62aef0a0251588b2867e77e83b137
git.kernel.org/stable/c/ddf088d7aaaaacfc836104f2e632b29b1d383cfc
launchpad.net/bugs/cve/CVE-2021-47109
nvd.nist.gov/vuln/detail/CVE-2021-47109
security-tracker.debian.org/tracker/CVE-2021-47109
www.cve.org/CVERecord?id=CVE-2021-47109