Vulnerability DatabaseCVE-2021-28691
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2021-28691
June 29, 2021
Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will lead to a use-after-free in Linux netback when the backend is destroyed, as the kernel thread associated with queue 0 will have already exited and thus the call to kthread_stop will be performed against a stale pointer.
Related Resources (6)
https://security.gentoo.org/glsa/202107-30
https://xenbits.xenproject.org/xsa/advisory-374.txt
https://github.com/gregkh/linux/commit/107866a8eb0b664675a260f1ba0655010fac1e08
https://bugzilla.redhat.com/show_bug.cgi?id=1970536
https://security.netapp.com/advisory/ntap-20210805-0002/
https://security-tracker.debian.org/tracker/CVE-2021-28691
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.5
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
LOW
User Interaction
NONE
Vulnerable System Confidentiality
HIGH
Vulnerable System Integrity
HIGH
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
CVSS v2
Base Score:
4.6
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
Weakness Type (CWE)
Use After Free
CWE-416
EPSS
Base Score:
0.03