Published: 18/02/2022 Updated: 09/11/2023

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.4 | Impact Score: 5.2 | Exploitability Score: 2.2

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
fedoraproject fedora 34
debian debian linux 9.0
debian debian linux 10.0
netapp solidfire \\& hci management node -
netapp active iq unified manager -
netapp e-series santricity os controller
netapp solidfire\\, enterprise sds \\& hci storage node -
netapp fas_baseboard_management_controller_firmware -
netapp aff_baseboard_management_controller_firmware -
netapp aff_a700s_firmware -
netapp h700s_firmware -
netapp h700e_firmware -
netapp h500s_firmware -
netapp h410s_firmware -
netapp h500e_firmware -
netapp h300e_firmware -
netapp h300s_firmware -
netapp hci_compute_node_firmware -
oracle communications cloud native core binding support function 22.1.3
oracle communications cloud native core policy 22.2.0
oracle communications cloud native core network exposure function 22.1.1

Several security issues were fixed in the Linux kernel ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...

Synopsis Important: Red Hat Advanced Cluster Management 25 security updates, images, and bug fixes Type/Severity Security Advisory: Important Topic Red Hat Advanced Cluster Management for Kubernetes 250 is now generally availableRed Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product S ...

Synopsis Moderate: Migration Toolkit for Containers (MTC) 165 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 165 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated ...

概述 Moderate: Red Hat Advanced Cluster Management 2311 security updates and bug fixes 类型/严重性 Security Advisory: Moderate 标题 Red Hat Advanced Cluster Management for Kubernetes 2311 generalavailability release images, which provide security updates and bug fixesRed Hat Product Security has rated this update as having a sec ...

Synopsis Moderate: Red Hat Advanced Cluster Management 245 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 245 GeneralAvailability release images, which fix bugs and update container imagesRed Hat Product Security has rated this update as having a security ...

Synopsis Moderate: Migration Toolkit for Containers (MTC) 172 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 172 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports This flaw allows an off-path remote user to effectively bypass the source port UDP randomization The highest threat from this vulnerability is to confidentiality ...

Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers

The Register • Iain Thomson in San Francisco • 23 Nov 2021

Get our weekly newsletter Plus: DNS cache poisoning again, cops probe property conveyancing group's IT outage, Azure hole addressed, and more

In brief Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n'telecoms giant a year to do so, infosec researchers have said. We're told that the vulnerability could be exploited by tricking a subscriber into viewing a malicious webpage. If an attack was successful, their router would fall under the attacker's control, allowing the crook to open up ports to access other devices on the local network, change the LAN's default DNS settings to ...

CVE-2021-20322

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect