Published: 06/01/2022 Updated: 08/08/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default). Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time. (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714)

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
debian debian linux 9.0
debian debian linux 10.0
debian debian linux 11.0

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2021-4155 Kirill Tkhai discovered a data leak in the way the XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for a size increase of files with unaligned size A local attacker can tak ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...

Several security issues were fixed in the Linux kernel ...

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports This flaw allows an off-path remote user to effectively bypass the source port UDP randomization The highest threat from this vulnerability is to confidentiality ...

A denial of service flaw for virtual machine guests in the Linux kernel's Xen hypervisor subsystem was found in the way users call some interrupts with high frequency from one of the guestsA local user could use this flaw to starve the resources resulting in a denial of service (CVE-2021-28711) A denial of service flaw for virtual machine guests ...

Several security issues have been identified in Citrix Hypervisor, that may each allow privileged code in a guest VM to cause the host to crash or become unresponsive  ...

CWE-770 https://xenbits.xenproject.org/xsa/advisory-392.txt https://www.debian.org/security/2022/dsa-5050 https://www.debian.org/security/2022/dsa-5096 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html https://nvd.nist.gov https://www.debian.org/security/2022/dsa-5050 https://ubuntu.com/security/notices/USN-5278-1

Get Started

CVE-2021-28715

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect