Main Vulnerability Database SB2024070231

SB2024070231 - Denial of service in Linux kernel IPv6

Published: July 2, 2024 Updated: July 2, 2024

Security Bulletin ID SB2024070231

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Adjecent network

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2021-47109)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the system when handling NUD_NOARP entries for IPv6. A remote attacker can fill up the neighbour table with enough entries that it will overflow for valid connections after that.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/d99029e6aab62aef0a0251588b2867e77e83b137
https://git.kernel.org/stable/c/d17d47da59f726dc4c87caebda3a50333d7e2fd3
https://git.kernel.org/stable/c/ddf088d7aaaaacfc836104f2e632b29b1d383cfc
https://git.kernel.org/stable/c/7a6b1ab7475fd6478eeaf5c9d1163e7a18125c8f