CVE-2021-38209

Updated: 2024-11-24 05:15:26.547208

Description:

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 2.1
CVSS Version 3.x LOW 3.3

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS kernel 2.6.32 3.3 LOW Not Vulnerable 2021-11-02 14:03:31
CentOS 7 ELS kernel 3.10.0 3.3 LOW Ignored 2023-09-19 09:30:07
CentOS 8.4 ELS kernel 4.18.0 3.3 LOW Ignored 2022-02-10 08:36:34
CentOS 8.5 ELS kernel 4.18.0 3.3 LOW Ignored 2022-02-21 05:39:38
CloudLinux 6 ELS kernel 2.6.32 3.3 LOW Ignored 2022-01-27 11:20:13
Oracle Linux 6 ELS kernel 2.6.32 3.3 LOW Ignored 2022-01-27 11:20:13
Ubuntu 16.04 ELS linux 4.4.0 3.3 LOW Ignored 2022-01-27 11:20:13
Ubuntu 16.04 ELS linux-hwe 4.15.0 3.3 LOW Ignored 2022-09-28 05:02:43
Ubuntu 18.04 ELS linux 4.15.0 3.3 LOW Ignored 2023-03-02 04:04:08