#VU92752 Buffer overflow in Linux kernel - CVE-2021-38207

Cybersecurity Help s.r.o.

Published: 2021-08-08 | Updated: 2021-10-18

Vulnerability identifier: #VU92752

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38207

CWE-ID: CWE-120

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about 10 minutes.

Mitigation
Install update from vendor's repository.

Vulnerable software versions

Linux kernel: All versions

External links
https://github.com/torvalds/linux/commit/c364df2489b8ef2f5e3159b1dff1ff1fdb16040d
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.13
https://security.netapp.com/advisory/ntap-20210902-0007/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for linux-azure-5.8

SUSE update for the Linux Kernel

Ubuntu update for linux

openEuler update for kernel

Buffer overflow in Linux kernel