Bug 1945388 (CVE-2021-29650) - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
Summary: CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a ne...
Keywords:
Status: NEW
Alias: CVE-2021-29650
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1949087 1949088 1949090 1949091 1949778 1949779 1949780 1949781 1945389 1949089
Blocks: 1945390
TreeView+ depends on / blocked
 
Reported: 2021-03-31 18:40 UTC by Guilherme de Almeida Suckevicz
Modified: 2021-04-27 11:29 UTC (History)
45 users (show)

Fixed In Version: kernel 5.12 rc5
Doc Type: If docs needed, set a value
Doc Text:
A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem.
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Guilherme de Almeida Suckevicz 2021-03-31 18:40:47 UTC
A flaw was found in the Linux kernel in the netfilter subsystem, Where a local attacker may cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value.


Reference and upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1

Comment 1 Guilherme de Almeida Suckevicz 2021-03-31 18:41:25 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1945389]

Comment 2 Fedora Update System 2021-04-02 00:17:31 UTC
FEDORA-2021-41fb54ae9f has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 3 Fedora Update System 2021-04-02 01:14:38 UTC
FEDORA-2021-6b0f287b8b has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 4 Fedora Update System 2021-04-02 01:21:42 UTC
FEDORA-2021-2306e89112 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 8 Rohit Keshri 2021-04-13 11:55:55 UTC
Mitigation:

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.


Note You need to log in before you can comment on or make changes to this bug.