CVE-2021-47245

2024-05-2100:00:00

ubuntu.com

linux kernel

netfilter

synproxy

tcp options

vulnerability

cve-2021-47245

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:
netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP
option parser in synproxy (synproxy_parse_options) could read one byte out
of bounds. When the length is 1, the execution flow gets into the loop,
reads one byte of the opcode, and if the opcode is neither TCPOPT_EOL nor
TCPOPT_NOP, it reads one more byte, which exceeds the length of 1. This fix
is inspired by commit 9609dad263f8 (“ipv4: tcp_input: fix stack out of
bounds when parsing TCP options.”). v2 changes: Added an early return when
length < 0 to avoid calling skb_header_pointer with negative length.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN