Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-47109— neighbour: allow NUD_NOARP entries to be forced GCed

EPSS 0.01% · P3
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-47109

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
neighbour: allow NUD_NOARP entries to be forced GCed
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUD_NOARP entries to be forced GCed IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid connections after that. This behaviour is more prevalent after commit 58956317c8de ("neighbor: Improve garbage collection") is applied, as it prevents removal from entries that are not NUD_FAILED, unless they are more than 5s old.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 neighbour 模块允许 NUD_NOARP 条目被强制 GCed。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 58956317c8de52009d1a38a721474c24aef74fe7 ~ d99029e6aab62aef0a0251588b2867e77e83b137 -
LinuxLinux 5.0 -

II. Public POCs for CVE-2021-47109

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-47109

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-03-15 · 26 CVEs total

CVE-2021-47123io_uring: fix ltout double free on completion race
CVE-2021-47135mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report
CVE-2021-47134efi/fdt: fix panic when no valid fdt found
CVE-2021-47133HID: amd_sfh: Fix memory leak in amd_sfh_work
CVE-2021-47132mptcp: fix sk_forward_memory corruption on retransmission
CVE-2021-47131net/tls: Fix use-after-free after the TLS device goes down and up
CVE-2021-47130nvmet: fix freeing unallocated p2pmem
CVE-2021-47129netfilter: nft_ct: skip expectations for confirmed conntrack
CVE-2021-47128bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks
CVE-2021-47127ice: track AF_XDP ZC enabled queues in bitmap
CVE-2021-47126ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions
CVE-2021-47125sch_htb: fix refcount leak in htb_parent_to_leaf_offload
CVE-2021-47124io_uring: fix link timeout refs
CVE-2021-47110x86/kvm: Disable kvmclock on all CPUs on shutdown
CVE-2021-47122net: caif: fix memory leak in caif_device_notify
CVE-2021-47121net: caif: fix memory leak in cfusbl_device_notify
CVE-2021-47120HID: magicmouse: fix NULL-deref on disconnect
CVE-2021-47119ext4: fix memory leak in ext4_fill_super
CVE-2021-47118pid: take a reference when initializing `cad_pid`
CVE-2021-47117ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2021-47109

No comments yet

Leave a comment