ALT Linux Team

Package kernel-image-un-def update in sisyphus on 2021-03-10

ALT-PU-2021-5032-1

Package kernel-image-un-def updated to version 5.10.22-alt1 for branch sisyphus in task 267547.

Closed vulnerabilities

Published: 2021-10-05
Modified: 2022-10-17

BDU:2021-04857

Уязвимость драйвера netback ядра операционной системы Linux, связанная с выделением неограниченной памяти, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.5)Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Severity: MEDIUM (4.9)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2021-03-05
Modified: 2024-11-21

CVE-2021-28038

An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.

Severity: MEDIUM (4.9)Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Severity: MEDIUM (6.5)Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
References:
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: 2.1.2
Back to top