Wind River Support Network

HomeDefectsLIN1021-2278
Fixed

LIN1021-2278 : Security Advisory - linux - CVE-2021-45485

Created: Dec 26, 2021    Updated: Jan 5, 2022
Resolved Date: Jan 5, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.5
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

CREATE(Triage):(User=admin) [CVE-2021-45485|https://nvd.nist.gov/vuln/detail/CVE-2021-45485]

CVEs


Live chat
Online