CVE-2021-29650
First published: Mon Mar 15 2021(Updated: )
A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.41.1.rt56.1181.el7 | 0:3.10.0-1160.41.1.rt56.1181.el7 |
| redhat/kernel | <0:3.10.0-1160.41.1.el7 | 0:3.10.0-1160.41.1.el7 |
| redhat/kernel-rt | <0:4.18.0-348.rt7.130.el8 | 0:4.18.0-348.rt7.130.el8 |
| redhat/kernel | <0:4.18.0-348.el8 | 0:4.18.0-348.el8 |
| redhat/kernel | <5.12 | 5.12 |
| IBM Data Risk Manager | <=2.0.6 | |
| Linux Kernel | <5.11.11 | |
| Red Hat Fedora | =32 | |
| Red Hat Fedora | =33 | |
| Red Hat Fedora | =34 | |
| Debian Linux | =9.0 | |
| debian/linux | 5.10.223-1 5.10.234-1 6.1.129-1 6.1.128-1 6.12.20-1 6.12.21-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-29650 https://nvd.nist.gov/vuln/detail/CVE-2021-29650 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=175e476b8cdf2a4de7432583b49c871345e4f8a1
- https://bugzilla.redhat.com/show_bug.cgi?id=1945388
- https://access.redhat.com/errata/RHSA-2021:3328
- https://access.redhat.com/errata/RHSA-2021:3327
- https://access.redhat.com/errata/RHSA-2021:4140
- https://access.redhat.com/errata/RHSA-2021:4356
- https://access.redhat.com/security/cve/cve-2021-29650
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1
- https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
- https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/
- https://launchpad.net/bugs/cve/CVE-2021-29650
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1945389
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=175e476b8cdf2a4de7432583b49c871345e4f8a1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/199201
- https://www.ibm.com/support/pages/node/6497499 (Advisory)
- https://git.kernel.org/linus/175e476b8cdf2a4de7432583b49c871345e4f8a1
- https://security-tracker.debian.org/tracker/CVE-2021-29650
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29650
- https://nvd.nist.gov/vuln/detail/CVE-2021-29650
- https://ubuntu.com/security/CVE-2021-29650
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2021-29650?
CVE-2021-29650 has been classified as a medium-severity vulnerability due to its potential to cause denial-of-service conditions.
How do I fix CVE-2021-29650?
To fix CVE-2021-29650, upgrade your Linux kernel to the recommended version specified by your distribution.
What systems are affected by CVE-2021-29650?
CVE-2021-29650 affects various versions of the Linux kernel across different distributions including Red Hat, Debian, and Fedora.
What kind of attack is associated with CVE-2021-29650?
CVE-2021-29650 is associated with a denial-of-service (DoS) attack that can be executed by a local attacker.
Is there a known exploit for CVE-2021-29650?
As of now, there are no publicly available exploits specifically targeting CVE-2021-29650.
- collector/redhat-cve
- agent/weakness
- agent/type
- collector/launchpad-cve
- source/Launchpad
- agent/first-publish-date
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-29650
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/last-modified-date
- agent/trending
- agent/source
- agent/author
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup-request
- collector/usn-cve
- source/Ubuntu
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/ibm
- canonical/ibm data risk manager
- version/ibm data risk manager/2.0.6
- vendor/linux
- canonical/linux kernel
- vendor/fedoraproject
- canonical/red hat fedora
- version/red hat fedora/32
- version/red hat fedora/33
- version/red hat fedora/34
- vendor/debian
- canonical/debian linux
- version/debian linux/9.0
- package-manager/debian