Bug 1945388 (CVE-2021-29650)
| Summary: | CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, bdettelb, bhu, blc, bmasney, brdeoliv, bskeggs, chwhite, crwood, dhoward, dvlasenk, fhrbata, fpacheco, hdegoede, hkrzesin, jarodwilson, jeremy, jforbes, jglisse, jlelli, jonathan, josef, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, mchehab, mlangsdo, nmurray, ptalbert, qzhao, rkeshri, rvrbovsk, steved, tomckay, walters, williams |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel 5.12 rc5 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-08-31 11:57:46 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1945389, 1949087, 1949088, 1949089, 1949090, 1949091, 1949778, 1949779, 1949780, 1949781 | ||
| Bug Blocks: | 1945390 | ||
|
Description
Guilherme de Almeida Suckevicz
2021-03-31 18:40:47 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1945389] FEDORA-2021-41fb54ae9f has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2021-6b0f287b8b has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2021-2306e89112 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. External References: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=175e476b8cdf2a4de7432583b49c871345e4f8a1 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:3327 https://access.redhat.com/errata/RHSA-2021:3327 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:3328 https://access.redhat.com/errata/RHSA-2021:3328 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-29650 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4140 https://access.redhat.com/errata/RHSA-2021:4140 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4356 https://access.redhat.com/errata/RHSA-2021:4356 |