CVE-2021-20177
Description
A flaw was found in the Linux kernels implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.
Risk Information
Base Score
4.4
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.042
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.44.1.noarch.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.44.1.noarch.rpm | Linux |
| SUSE-SU-2021:0348-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.44.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-base-debuginfo-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debuginfo-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-debugsource-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-default-devel-debuginfo-4.12.14-122.60.1.x86_64.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-4.12.14-122.60.1.noarch.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-macros-4.12.14-122.60.1.noarch.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-4.12.14-122.60.1.noarch.rpm | Linux |
| SUSE-SU-2021:0353-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-4.12.14-122.60.1.x86_64.rpm | Linux |
| Kernel-uek update (ELSA-2021-9037) kernel-uek-5.4.17-2036.103.3.el8uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9037) kernel-uek-debug-5.4.17-2036.103.3.el8uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9037) kernel-uek-debug-devel-5.4.17-2036.103.3.el8uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9037) kernel-uek-devel-5.4.17-2036.103.3.el8uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9037) kernel-uek-doc-5.4.17-2036.103.3.el8uek.noarch.rpm | Linux |
| Kernel-uek-container update (ELSA-2021-9038) kernel-uek-container-5.4.17-2036.103.3.el8.x86_64.rpm | Linux |
| Kernel-uek-container-debug update (ELSA-2021-9038) kernel-uek-container-debug-5.4.17-2036.103.3.el8.x86_64.rpm | Linux |
| Kernel-uek update (ELSA-2021-9140) kernel-uek-5.4.17-2102.200.13.el8uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9140) kernel-uek-debug-5.4.17-2102.200.13.el8uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9140) kernel-uek-debug-devel-5.4.17-2102.200.13.el8uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9140) kernel-uek-devel-5.4.17-2102.200.13.el8uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9140) kernel-uek-doc-5.4.17-2102.200.13.el8uek.noarch.rpm | Linux |
| Kernel-uek-container update (ELSA-2021-9141) kernel-uek-container-5.4.17-2102.200.13.el8.x86_64.rpm | Linux |
| Kernel-uek-container-debug update (ELSA-2021-9141) kernel-uek-container-debug-5.4.17-2102.200.13.el8.x86_64.rpm | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1033-kvm_5.4.0-1033.34_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1036-gke_5.4.0-1036.38~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1037-gcp_5.4.0-1037.40_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1037-gcp_5.4.0-1037.40~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1038-aws_5.4.0-1038.40_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1038-aws_5.4.0-1038.40~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1010-gkeop_5.4.0-1010.11_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1010-gkeop_5.4.0-1010.11~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1040-azure_5.4.0-1040.42_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1040-azure_5.4.0-1040.42~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-66-generic_5.4.0-66.74_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-66-generic_5.4.0-66.74~18.04.2_i386.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-66-generic_5.4.0-66.74~18.04.2_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1038-oracle_5.4.0-1038.41_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-1038-oracle_5.4.0-1038.41~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-66-lowlatency_5.4.0-66.74_amd64.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-66-lowlatency_5.4.0-66.74~18.04.2_i386.deb | Linux |
| Linux kernel (USN-4750-1) linux-image-5.4.0-66-lowlatency_5.4.0-66.74~18.04.2_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234