retired/CVE-2021-46955


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Description: openvswitch: fix stack OOB read while fragmenting IPv4 packets
References:
Notes:
 carnil> Introduced in d52e5a7e7ca4 ("ipv4: lock mtu in fnhe when received PMTU <
 carnil> net.ipv4.route.min_pmt"). Vulnerable versions: 3.16.57 4.4.134 4.9.104 4.14.45
 carnil> 4.16-rc7.
Bugs:
upstream: released (5.13-rc1) [7c0ea5930c1c211931819d83cfb157bff1539a4c]
6.7-upstream-stable: N/A "Fixed before branching point"
6.6-upstream-stable: N/A "Fixed before branching point"
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.36) [a1478374b0bda89b4277a8afd39208271faad4be]
4.19-upstream-stable: released (4.19.191) [df9e900de24637be41879e2c50afb713ec4e8b2e]
sid: released (5.10.38-1)
6.1-bookworm-security: N/A "Fixed before branching point"
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: released (4.19.194-1)