CVE-2021-45486

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:32

Type Values Removed Values Added
References () https://arxiv.org/pdf/2112.09604.pdf - Technical Description, Third Party Advisory () https://arxiv.org/pdf/2112.09604.pdf - Technical Description, Third Party Advisory
References () https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 - Release Notes, Vendor Advisory () https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 - Release Notes, Vendor Advisory
References () https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba - Patch, Vendor Advisory () https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba - Patch, Vendor Advisory
References () https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory () https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory

Information

Published : 2021-12-25 02:15

Updated : 2024-11-21 06:32


NVD link : CVE-2021-45486

Mitre link : CVE-2021-45486

CVE.ORG link : CVE-2021-45486


JSON object : View

Products Affected

oracle

  • communications_cloud_native_core_network_exposure_function
  • communications_cloud_native_core_policy
  • communications_cloud_native_core_binding_support_function

linux

  • linux_kernel
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm