Bug 1945388 (CVE-2021-29650) - CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
Summary: CVE-2021-29650 kernel: lack a full memory barrier upon the assignment of a ne...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-29650
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1949778 1949779 1949780 1949781 1945389 1949087 1949088 1949089 1949090 1949091
Blocks: 1945390
TreeView+ depends on / blocked
 
Reported: 2021-03-31 18:40 UTC by Guilherme de Almeida Suckevicz
Modified: 2021-11-09 18:24 UTC (History)
45 users (show)

Fixed In Version: kernel 5.12 rc5
Doc Type: If docs needed, set a value
Doc Text:
A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem.
Clone Of:
Environment:
Last Closed: 2021-08-31 11:57:46 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2021:3327 0 None None None 2021-08-31 09:08:59 UTC
Red Hat Product Errata RHSA-2021:3328 0 None None None 2021-08-31 09:09:17 UTC
Red Hat Product Errata RHSA-2021:4140 0 None None None 2021-11-09 17:22:09 UTC
Red Hat Product Errata RHSA-2021:4356 0 None None None 2021-11-09 18:24:41 UTC

Description Guilherme de Almeida Suckevicz 2021-03-31 18:40:47 UTC 
A flaw was found in the Linux kernel in the netfilter subsystem, Where a local attacker may cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value.


Reference and upstream patch:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1
Comment 1 Guilherme de Almeida Suckevicz 2021-03-31 18:41:25 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1945389]
Comment 2 Fedora Update System 2021-04-02 00:17:31 UTC 
FEDORA-2021-41fb54ae9f has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 3 Fedora Update System 2021-04-02 01:14:38 UTC 
FEDORA-2021-6b0f287b8b has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 4 Fedora Update System 2021-04-02 01:21:42 UTC 
FEDORA-2021-2306e89112 has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 8 Rohit Keshri 2021-04-13 11:55:55 UTC 
Mitigation:

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Comment 12 Alex 2021-04-27 11:29:55 UTC 
External References:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=175e476b8cdf2a4de7432583b49c871345e4f8a1
Comment 21 errata-xmlrpc 2021-08-31 09:08:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3327 https://access.redhat.com/errata/RHSA-2021:3327
Comment 22 errata-xmlrpc 2021-08-31 09:09:14 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3328 https://access.redhat.com/errata/RHSA-2021:3328
Comment 23 Product Security DevOps Team 2021-08-31 11:57:46 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-29650
Comment 24 errata-xmlrpc 2021-11-09 17:22:06 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:4140 https://access.redhat.com/errata/RHSA-2021:4140
Comment 25 errata-xmlrpc 2021-11-09 18:24:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:4356 https://access.redhat.com/errata/RHSA-2021:4356
Note You need to log in before you can comment on or make changes to this bug.