Rewterz Threat Advisory – CVE-2021-43267 – Linux Kernel TIPC module

Severity

High

Analysis Summary

CVE-2021-43267 

The Linux Kernel is vulnerable to a heap-based buffer overflow caused by improper bounds checking in the Transparent Inter Process Communication (TIPC) module. By creating a packet with a small body size to allocate heap memory and then sending specially crafted MSG_CRYPTO messages, a remote or local attacker could overflow a buffer, execute arbitrary code on the system, and gain kernel privileges.

Impact

  • Buffer Overflow

Affected Vendors

  • Linux

Affected Products

  • Linux Kernel 5.10
  • Linux Kernel 5.10.4
  • Linux Kernel 5.10.11
  • Linux Kernel 5.11.3
  • Linux Kernel 5.11.6
  • Linux Kernel 5.11.8
  • Linux Kernel 5.11
  • Linux Kernel 5.11.10
  • Linux Kernel 5.11.2
  • Linux Kernel 5.11.11
  • Linux Kernel 5.12.0-rc3
  • Linux Kernel 5.12
  • Linux Kernel 5.12.2
  • Linux Kernel 5.13.0-rc2
  • Linux Kernel 5.12.10
  • Linux Kernel 5.12.11
  • Linux Kernel 5.13-rc6
  • Linux Kernel 5.13.4
  • Linux Kernel 5.13.7
  • Linux Kernel 5.14-rc2
  • Linux Kernel 5.13
  • Linux Kernel 5.14-rc6
  • Linux Kernel 5.14-rc4
  • Linux Kernel 5.13.13
  • Linux Kernel 5.14
  • Linux Kernel 5.14.6
  • Linux Kernel 5.14.9
  • Linux Kernel 5.14.13
  • Linux Kernel 5.14.14

Remediation

Upgrade to the latest version of the Linux Kernel, available from The Linux Kernel Archives website.

http://www.kernel.org/
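To prioritise hosts for the upgrade, the following added example (not part of the original advisory) checks whether a kernel release string maps to a version on the Affected Products list above and whether the TIPC module is currently loaded. It assumes the module is named `tipc` and that `/proc/modules` is readable. Distribution kernels can carry backported fixes under an unchanged version string, so treat the result as a triage signal only.

```shell
#!/bin/sh
# Versions copied verbatim from the advisory's "Affected Products" list.
AFFECTED="5.10 5.10.4 5.10.11 5.11 5.11.2 5.11.3 5.11.6 5.11.8 5.11.10 5.11.11
5.12.0-rc3 5.12 5.12.2 5.12.10 5.12.11 5.13.0-rc2 5.13-rc6 5.13 5.13.4 5.13.7
5.13.13 5.14-rc2 5.14-rc4 5.14-rc6 5.14 5.14.6 5.14.9 5.14.13 5.14.14"

# Reduce a `uname -r` string to X.Y[.Z][-rcN]: drop distro suffixes such as
# "-27-generic" and a ".0" patch level, so "5.13.0-rc6" equals "5.13-rc6".
upstream_version() {
    printf '%s\n' "$1" | sed -E \
        -e 's/^([0-9]+\.[0-9]+(\.[0-9]+)?(-rc[0-9]+)?).*/\1/' \
        -e 's/^([0-9]+\.[0-9]+)\.0(-rc[0-9]+)?$/\1\2/'
}

# Succeeds when the release string maps to a version on the advisory's list.
is_listed() {
    want=$(upstream_version "$1")
    for v in $AFFECTED; do
        [ "$(upstream_version "$v")" = "$want" ] && return 0
    done
    return 1
}

# Succeeds when the tipc module (assumed name) appears in a
# /proc/modules-format file; defaults to the live /proc/modules.
tipc_loaded() {
    grep -q '^tipc ' "${1:-/proc/modules}" 2>/dev/null
}

# Print one triage verdict for a release string and a modules file.
assess() {
    if ! is_listed "$1"; then
        echo "not-listed"
    elif tipc_loaded "${2:-/proc/modules}"; then
        echo "listed-tipc-loaded"
    else
        echo "listed-tipc-not-loaded"
    fi
}

# Report on the running host.
echo "$(uname -r): $(assess "$(uname -r)")"
```

A `listed-tipc-loaded` result marks the hosts to upgrade first; `not-listed` means only that the version is absent from this advisory's list.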