Bug 1976946 (CVE-2021-3635)
Summary: | CVE-2021-3635 kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50 | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | unspecified | CC: | acaringi, adscvr, airlied, alciregi, bdettelb, bhu, blc, brdeoliv, bskeggs, carnil, chwhite, crwood, dhoward, dvlasenk, egarver, fhrbata, fpacheco, hdegoede, hkrzesin, jarod, jarodwilson, jeremy, jforbes, jlelli, jonathan, josef, jshortt, jstancek, jwboyer, kcarcia, kernel-maint, kernel-mgr, lgoncalv, linville, masami256, mchehab, mlangsdo, nmurray, ptalbert, qzhao, rvrbovsk, security-response-team, steved, tomckay, tuxmealux+redhatbz, walters, wcosta, williams, wmealing, yiche |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | kernel 5.5-rc7 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in the Linux kernel netfilter implementation. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-11-09 21:52:12 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1977137, 1977138, 1990729 | ||
Bug Blocks: | 1974858, 1978820 |
Description
Pedro Sampaio
2021-06-28 15:49:51 UTC
This is rated as a Low, as you must be root or cap_sys_admin with a local account to be able to create the exploitable condition. Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1990729] Hi folks, could you please open 1974543 to the public? I cannot find details about this bug anywhere. Thanks Hi Gianluca, (In reply to Gianluca Gabrielli from comment #9) > Hi folks, > > could you please open 1974543 to the public? I cannot find details about > this bug anywhere. > > Thanks External to Red Hat here, but was searching as well for some information about this CVE. I suspect this is about the upstream commit https://git.kernel.org/linus/335178d5429c4cee61b58f4ac80688f556630818 Regards, Salvatore The BZ #1974543 is an internal tracking bug, and contains no information relevant to this flaw. (In reply to Salvatore Bonaccorso from comment #10) > Hi Gianluca, > > (In reply to Gianluca Gabrielli from comment #9) > > Hi folks, > > > > could you please open 1974543 to the public? I cannot find details about > > this bug anywhere. > > > > Thanks > > External to Red Hat here, but was searching as well for some information > about this CVE. I suspect this is about the upstream commit > https://git.kernel.org/linus/335178d5429c4cee61b58f4ac80688f556630818 Yes, it really seems the right one. Nice catch and thanks for having shared it. This was fixed for Fedora with the 5.4.14 stable kernel updates. This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4140 https://access.redhat.com/errata/RHSA-2021:4140 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4356 https://access.redhat.com/errata/RHSA-2021:4356 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3635 |