diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-29 08:57:18 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-29 08:57:18 +0200 |
commit | 57a69365b01d368b0cff111429eb2df1ac085f4c (patch) | |
tree | 00ff3c83ff50dfd49b7cc8fbb1db7ea52d1b45fc /active/CVE-2021-3892 | |
parent | 39f36cb382de407a8801fe1506da6425774809ad (diff) |
Add CVE-2021-3892
Diffstat (limited to 'active/CVE-2021-3892')
-rw-r--r-- | active/CVE-2021-3892 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/active/CVE-2021-3892 b/active/CVE-2021-3892 new file mode 100644 index 00000000..96a054da --- /dev/null +++ b/active/CVE-2021-3892 @@ -0,0 +1,20 @@ +Description: memory leak in fib6_rule_suppress could result in DoS +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2014623 + https://bugzilla.redhat.com/show_bug.cgi?id=2008123 +Notes: + carnil> At time of writing only limited information provided by Red + carnil> Hat: "The kernel leaks memory when firewalld IPv6_rpfilter is + carnil> enabled and a suppress_prefix rule is present in the IPv6 + carnil> routing rules (used by certain tools such as wg-quick). In such + carnil> scenarios, every incoming packet will leak an allocation in + carnil> ip6_dst_cache slab cache." +Bugs: +upstream: +5.10-upstream-stable: +4.19-upstream-stable: +4.9-upstream-stable: +sid: +5.10-bullseye-security: +4.19-buster-security: +4.9-stretch-security: |