

Severity
High
Analysis Summary
CVE-2021-43267
The Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in the Transparent Inter-Process Communication (TIPC) module. By creating a packet with a small body size to allocate heap memory and then sending specially crafted MSG_CRYPTO messages, a remote or local attacker could overflow a buffer, execute arbitrary code on the system and gain kernel privileges.
Impact
- Buffer Overflow
Affected Vendors
- Linux
Affected Products
- Linux Kernel 5.10
- Linux Kernel 5.10.4
- Linux Kernel 5.10.11
- Linux Kernel 5.11.3
- Linux Kernel 5.11.6
- Linux Kernel 5.11.8
- Linux Kernel 5.11
- Linux Kernel 5.11.10
- Linux Kernel 5.11.2
- Linux Kernel 5.11.11
- Linux Kernel 5.12.0-rc3
- Linux Kernel 5.12
- Linux Kernel 5.12.2
- Linux Kernel 5.13.0-rc2
- Linux Kernel 5.12.10
- Linux Kernel 5.12.11
- Linux Kernel 5.13-rc6
- Linux Kernel 5.13.4
- Linux Kernel 5.13.7
- Linux Kernel 5.14-rc2
- Linux Kernel 5.13
- Linux Kernel 5.14-rc6
- Linux Kernel 5.14-rc4
- Linux Kernel 5.13.13
- Linux Kernel 5.14
- Linux Kernel 5.14.6
- Linux Kernel 5.14.9
- Linux Kernel 5.14.13
- Linux Kernel 5.14.14
Remediation
Upgrade to the latest version of the Linux Kernel, available from The Linux Kernel Archives website.
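To triage a host against this advisory, the following added example (not part of the original advisory) compares the running kernel release with the Affected Products list above and reports whether the TIPC module is currently loaded. The function names are hypothetical, and the list is treated as exact entries rather than a version range.

```shell
#!/bin/sh
# Added example: exposure check for CVE-2021-43267 on a Linux host.

# Versions copied from the advisory's Affected Products list (exact entries).
AFFECTED="5.10 5.10.4 5.10.11 5.11 5.11.2 5.11.3 5.11.6 5.11.8 5.11.10 5.11.11
5.12.0-rc3 5.12 5.12.2 5.12.10 5.12.11 5.13.0-rc2 5.13-rc6 5.13 5.13.4 5.13.7
5.13.13 5.14-rc2 5.14-rc4 5.14-rc6 5.14 5.14.6 5.14.9 5.14.13 5.14.14"

# Reduce a release such as "5.14.14-200.fc34.x86_64" to its upstream part and
# drop a ".0" patch level so that "5.14.0" and "5.14" compare equal.
normalize_release() {
    printf '%s\n' "$1" |
        grep -oE '^[0-9]+\.[0-9]+(\.[0-9]+)?(-rc[0-9]+)?' |
        sed -E 's/^([0-9]+\.[0-9]+)\.0(-|$)/\1\2/'
}

# Exit status 0 when the release matches an entry in the advisory's list.
is_listed_release() {
    rel=$(normalize_release "$1")
    [ -n "$rel" ] || return 1
    for v in $AFFECTED; do
        [ "$(normalize_release "$v")" = "$rel" ] && return 0
    done
    return 1
}

# Exit status 0 when a /proc/modules-format file has an entry for tipc.
# A kernel with TIPC built in (not as a module) will not show up here.
tipc_loaded_in() {
    grep -qE '^tipc ' "$1"
}

# Print one summary line for a release string and a modules file.
report() {
    release=$1
    modules_file=$2
    listed=no
    tipc=no
    if is_listed_release "$release"; then listed=yes; fi
    if [ -r "$modules_file" ] && tipc_loaded_in "$modules_file"; then tipc=yes; fi
    echo "release=$release listed=$listed tipc_loaded=$tipc"
}

# Check the running host.
report "$(uname -r)" /proc/modules
```

Distribution kernels often backport fixes without changing the upstream version number, so treat the result as a prompt to check the vendor's own advisory for the installed package.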