CVE-2021-43267
Description
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
68.926
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2021:4647) kernel security update bpftool-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-abi-stablelists-4.18.0-348.2.1.el8_5.noarch.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-core-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-cross-headers-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-debug-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-debug-core-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-debug-devel-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-debug-modules-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-debug-modules-extra-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-devel-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-doc-4.18.0-348.2.1.el8_5.noarch.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-headers-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-modules-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-modules-extra-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-tools-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update kernel-tools-libs-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update perf-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| (RHSA-2021:4647) kernel security update python3-perf-4.18.0-348.2.1.el8_5.x86_64.rpm | Linux |
| Linux kernel for OEM systems (USN-5165-1) linux-image-oem-20.04d_5.14.0.1008.8_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5165-1) linux-image-5.14.0-1008-oem_5.14.0-1008.8_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5207-1) linux-image-oem-20.04_5.10.0.1053.55_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5207-1) linux-image-oem-20.04b_5.10.0.1053.55_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5207-1) linux-image-5.10.0-1053-oem_5.10.0-1053.55_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-aws_5.11.0.1023.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-aws_5.13.0.1008.10_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-aws_5.11.0.1023.24~20.04.23_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-gcp_5.13.0.1008.9_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-gcp_5.11.0.1024.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-gcp_5.11.0.1024.26~20.04.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-gke_5.13.0.1008.9_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-gke_5.11.0.1024.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-kvm_5.13.0.1007.7_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-kvm_5.11.0.1021.22_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-azure_5.11.0.1023.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-azure_5.13.0.1009.10_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-azure_5.11.0.1023.24~20.04.23_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-oracle_5.11.0.1023.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-oracle_5.13.0.1011.13_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-oracle_5.11.0.1023.24~20.04.16_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-generic_5.11.0.44.44_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-generic_5.13.0.23.34_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-virtual_5.11.0.44.44_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-virtual_5.13.0.23.34_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-oem-20.04_5.11.0.44.44_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-oem-20.04_5.13.0.23.34_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-lowlatency_5.11.0.44.44_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-lowlatency_5.13.0.23.34_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1021-kvm_5.11.0-1021.23_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1023-aws_5.11.0-1023.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1023-aws_5.11.0-1023.24~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1024-gcp_5.11.0-1024.26_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1024-gcp_5.11.0-1024.26~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-1007-kvm_5.13.0-1007.7_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-1008-aws_5.13.0-1008.9_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-1008-gcp_5.13.0-1008.9_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1023-azure_5.11.0-1023.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1023-azure_5.11.0-1023.24~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-44-generic_5.11.0-44.48_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-44-generic_5.11.0-44.48~20.04.2_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-1009-azure_5.13.0-1009.10_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-23-generic_5.13.0-23.23_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-generic-hwe-20.04_5.11.0.44.48~20.04.22_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-virtual-hwe-20.04_5.11.0.44.48~20.04.22_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1023-oracle_5.11.0-1023.24_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-1023-oracle_5.11.0-1023.24~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-1011-oracle_5.13.0-1011.13_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-44-lowlatency_5.11.0-44.48_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.11.0-44-lowlatency_5.11.0-44.48~20.04.2_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-5.13.0-23-lowlatency_5.13.0-23.23_amd64.deb | Linux |
| Linux kernel (USN-5208-1) linux-image-lowlatency-hwe-20.04_5.11.0.44.48~20.04.22_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5218-1) linux-image-oem-20.04c_5.13.0.1026.29_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5218-1) linux-image-5.13.0-1026-oem_5.13.0-1026.32_amd64.deb | Linux |
| Improper Validation of Specified Quantity in Input Vulnerability (CVE-2021-43267) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234