CVE-2021-46283Improper Initialization in Kernel

CWE-665Improper InitializationCWE-476NULL Pointer Dereference6 documents6 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 88.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelDebian LinuxMsrc CM1 Kernel 5.10.93.1-1 ON CBL Mariner 1.0
Timeline
PublishedJan 11
Latest updateJan 12

Description

nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel< 5.12.13
Debianlinux/linux_kernel< 5.10.70-1+3
debiandebian/linux< linux 5.14.6-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-pc6g-g5m7-f2gr: nf_tables_newset in net/netfilter/nf_tables_api2022-01-12
OSV
CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api2022-01-11

📋Vendor Advisories

3
Red Hat
kernel: DoS in nf_tables_newset in net/netfilter/nf_tables_api.c2022-01-12
Microsoft
nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service (NULL pointer dereference and general protection fault) because of 2022-01-11
Debian
CVE-2021-46283: linux - nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel before 5.1...2021