CVE-2021-45485

Updated: 2023-11-04 20:47:59.576007

Description:

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 7.5 HIGH Released CLSA-2024:1705494430 2024-02-05 08:45:19
CentOS 7 ELS kernel 3.10.0 7.5 HIGH Needs Triage 2023-09-18 17:06:28
CentOS 8.4 ELS kernel 4.18.0 7.5 HIGH Released CLSA-2022:1651145959 2022-04-28 15:59:34
CentOS 8.5 ELS kernel 4.18.0 7.5 HIGH Released CLSA-2022:1651146021 2022-04-28 15:59:02
CloudLinux 6 ELS kernel 2.6.32 7.5 HIGH In Progress 2023-06-06 14:13:29
Oracle Linux 6 ELS kernel 2.6.32 7.5 HIGH Released CLSA-2024:1705496067 2024-01-17 08:57:52
Ubuntu 16.04 ELS linux 4.4.0 7.5 HIGH Released CLSA-2022:1649869212 2022-04-15 08:34:23
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.5 HIGH Already Fixed 2022-10-04 14:02:40
Ubuntu 18.04 ELS linux 4.15.0 7.5 HIGH Already Fixed 2023-06-02 09:10:33