An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.
http://www.openwall.com/lists/oss-security/2021/03/05/1
http://xenbits.xen.org/xsa/advisory-367.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html
Source: MITRE
Published: 2021-03-05
Updated: 2021-04-09
Type: CWE-770
Base Score: 4.9
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Impact Score: 6.9
Exploitability Score: 3.9
Severity: MEDIUM
Base Score: 6.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Impact Score: 4
Exploitability Score: 2
Severity: MEDIUM
ID | Name | Product | Family | Severity |
---|---|---|---|---|
148700 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1210-1) | Nessus | SuSE Local Security Checks | high |
148698 | SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1211-1) | Nessus | SuSE Local Security Checks | high |
148674 | Citrix Hypervisor <= 8.2 LTSR DoS (CTX306565) | Nessus | Misc. | high |
148509 | SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1175-1) | Nessus | SuSE Local Security Checks | high |
148498 | Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4904-1) | Nessus | Ubuntu Local Security Checks | high |
148496 | Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4911-1) | Nessus | Ubuntu Local Security Checks | high |
148453 | Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9172) | Nessus | Oracle Linux Local Security Checks | medium |
148452 | Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9175) | Nessus | Oracle Linux Local Security Checks | medium |
148438 | openSUSE Security Update : the Linux Kernel (openSUSE-2021-532) | Nessus | SuSE Local Security Checks | high |
148254 | Debian DLA-2610-1 : linux-4.19 security update | Nessus | Debian Local Security Checks | high |
147919 | Amazon Linux AMI : kernel (ALAS-2021-1487) | Nessus | Amazon Linux Local Security Checks | medium |
147914 | Amazon Linux 2 : kernel (ALAS-2021-1616) | Nessus | Amazon Linux Local Security Checks | medium |
147532 | Debian DLA-2586-1 : linux security update | Nessus | Debian Local Security Checks | high |