CVE-2021-45485

Updated: 2024-11-24 05:40:34.217465

Description:

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.5 HIGH Already Fixed 2024-05-31 10:03:23
AlmaLinux 9.2 FIPS kernel 5.14.0 7.5 HIGH Already Fixed 2024-05-31 10:03:23
CentOS 6 ELS kernel 2.6.32 7.5 HIGH Released CLSA-2024:1705494430 2024-02-05 08:45:19
CentOS 7 ELS kernel 3.10.0 7.5 HIGH Released CLSA-2024:1720468480 2024-07-23 17:33:19
CentOS 8.4 ELS kernel 4.18.0 7.5 HIGH Released CLSA-2022:1651145959 2022-04-28 15:59:34
CentOS 8.5 ELS kernel 4.18.0 7.5 HIGH Released CLSA-2022:1651146021 2022-04-28 15:59:02
CentOS Stream 8 ELS kernel 4.18.0 7.5 HIGH Already Fixed 2024-06-09 11:20:32
CloudLinux 6 ELS kernel 2.6.32 7.5 HIGH Needs Triage 2024-08-22 04:28:28
CloudLinux 7 ELS kernel 3.10.0 7.5 HIGH Needs Triage 2024-09-06 04:50:05
Oracle Linux 6 ELS kernel 2.6.32 7.5 HIGH Released CLSA-2024:1705496067 2024-01-17 08:57:52
Total: 13