CVE-2021-45485
First published: Mon May 31 2021(Updated: )
An information leak flaw was found in the Linux kernel’s IPv6 implementation in the __ipv6_select_ident in net/ipv6/output_core.c function. The use of a small hash table in IP ID generation allows a remote attacker to reveal sensitive information.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:4.18.0-372.9.1.rt7.166.el8 | 0:4.18.0-372.9.1.rt7.166.el8 |
| redhat/kernel | <0:4.18.0-372.9.1.el8 | 0:4.18.0-372.9.1.el8 |
| redhat/kernel-rt | <0:4.18.0-305.65.1.rt7.137.el8_4 | 0:4.18.0-305.65.1.rt7.137.el8_4 |
| redhat/kernel | <0:4.18.0-305.65.1.el8_4 | 0:4.18.0-305.65.1.el8_4 |
| redhat/kernel | <5.14 | 5.14 |
| Linux Linux kernel | <5.13.3 | |
| NetApp E-Series SANtricity OS Controller | ||
| Netapp Solidfire\, Enterprise Sds \& Hci Storage Node | ||
| Netapp Solidfire \& Hci Management Node | ||
| Netapp Brocade Fabric Operating System Firmware | ||
| Oracle Communications Cloud Native Core Binding Support Function | =22.1.3 | |
| Oracle Communications Cloud Native Core Network Exposure Function | =22.1.1 | |
| Oracle Communications Cloud Native Core Policy | =22.2.0 | |
| Netapp All Flash Fabric-attached Storage 8300 Firmware | ||
| Netapp All Flash Fabric-attached Storage 8300 | ||
| Netapp Fabric-attached Storage 8300 Firmware | ||
| Netapp Fabric-attached Storage 8300 | ||
| Netapp All Flash Fabric-attached Storage 8700 Firmware | ||
| Netapp All Flash Fabric-attached Storage 8700 | ||
| Netapp Fabric-attached Storage 8700 Firmware | ||
| Netapp Fabric-attached Storage 8700 | ||
| Netapp Aff A400 Firmware | ||
| Netapp Aff A400 | ||
| Netapp Fabric-attached Storage A400 Firmware | ||
| Netapp Fabric-attached Storage A400 | ||
| Netapp Hci Compute Node Firmware | ||
| Netapp Hci Compute Node | ||
| Netapp H300e Firmware | ||
| Netapp H300e | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| Netapp H500e Firmware | ||
| Netapp H500e | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| Netapp H610c Firmware | ||
| Netapp H610c | ||
| Netapp H610s Firmware | ||
| Netapp H610s | ||
| Netapp H615c Firmware | ||
| Netapp H615c | ||
| Netapp H700e Firmware | ||
| Netapp H700e | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| All of | ||
| Netapp All Flash Fabric-attached Storage 8300 Firmware | ||
| Netapp All Flash Fabric-attached Storage 8300 | ||
| All of | ||
| Netapp Fabric-attached Storage 8300 Firmware | ||
| Netapp Fabric-attached Storage 8300 | ||
| All of | ||
| Netapp All Flash Fabric-attached Storage 8700 Firmware | ||
| Netapp All Flash Fabric-attached Storage 8700 | ||
| All of | ||
| Netapp Fabric-attached Storage 8700 Firmware | ||
| Netapp Fabric-attached Storage 8700 | ||
| All of | ||
| Netapp Aff A400 Firmware | ||
| Netapp Aff A400 | ||
| All of | ||
| Netapp Fabric-attached Storage A400 Firmware | ||
| Netapp Fabric-attached Storage A400 | ||
| All of | ||
| Netapp Hci Compute Node Firmware | ||
| Netapp Hci Compute Node | ||
| All of | ||
| Netapp H300e Firmware | ||
| Netapp H300e | ||
| All of | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| All of | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| All of | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| All of | ||
| Netapp H500e Firmware | ||
| Netapp H500e | ||
| All of | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| All of | ||
| Netapp H610c Firmware | ||
| Netapp H610c | ||
| All of | ||
| Netapp H610s Firmware | ||
| Netapp H610s | ||
| All of | ||
| Netapp H615c Firmware | ||
| Netapp H615c | ||
| All of | ||
| Netapp H700e Firmware | ||
| Netapp H700e | ||
| All of | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-45485 https://nvd.nist.gov/vuln/detail/CVE-2021-45485 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99 https://lore.kernel.org/all/20210529110746.6796-1-w@1wt.eu/
- https://bugzilla.redhat.com/show_bug.cgi?id=2039911
- https://access.redhat.com/errata/RHSA-2022:1975
- https://access.redhat.com/errata/RHSA-2022:1988
- https://access.redhat.com/errata/RHSA-2022:6991
- https://access.redhat.com/errata/RHSA-2022:6983
- https://access.redhat.com/security/cve/cve-2021-45485
- https://arxiv.org/pdf/2112.09604.pdf
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99
- https://security.netapp.com/advisory/ntap-20220121-0001/
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://launchpad.net/bugs/cve/CVE-2021-45485
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2039912
- https://git.kernel.org/linus/62f20e068ccc50d6ab66fdb72ba90da2b9418c99
- https://security-tracker.debian.org/tracker/CVE-2021-45485
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45485
- https://nvd.nist.gov/vuln/detail/CVE-2021-45485
- https://ubuntu.com/security/CVE-2021-45485
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-45485
- agent/software-canonical-lookup
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- collector/usn-cve
- source/Ubuntu
- agent/description
- collector/nvd-cve
- source/NVD
- agent/last-modified-date
- collector/nvd-api
- agent/author
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/trending
- package-manager/redhat
- vendor/linux
- canonical/linux linux kernel
- vendor/netapp
- canonical/netapp e-series santricity os controller
- canonical/netapp solidfire\, enterprise sds \& hci storage node
- canonical/netapp solidfire \& hci management node
- canonical/netapp brocade fabric operating system firmware
- vendor/oracle
- canonical/oracle communications cloud native core binding support function
- version/oracle communications cloud native core binding support function/22.1.3
- canonical/oracle communications cloud native core network exposure function
- version/oracle communications cloud native core network exposure function/22.1.1
- canonical/oracle communications cloud native core policy
- version/oracle communications cloud native core policy/22.2.0
- canonical/netapp all flash fabric-attached storage 8300 firmware
- canonical/netapp all flash fabric-attached storage 8300
- canonical/netapp fabric-attached storage 8300 firmware
- canonical/netapp fabric-attached storage 8300
- canonical/netapp all flash fabric-attached storage 8700 firmware
- canonical/netapp all flash fabric-attached storage 8700
- canonical/netapp fabric-attached storage 8700 firmware
- canonical/netapp fabric-attached storage 8700
- canonical/netapp aff a400 firmware
- canonical/netapp aff a400
- canonical/netapp fabric-attached storage a400 firmware
- canonical/netapp fabric-attached storage a400
- canonical/netapp hci compute node firmware
- canonical/netapp hci compute node
- canonical/netapp h300e firmware
- canonical/netapp h300e
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h410c firmware
- canonical/netapp h410c
- canonical/netapp h410s firmware
- canonical/netapp h410s
- canonical/netapp h500e firmware
- canonical/netapp h500e
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h610c firmware
- canonical/netapp h610c
- canonical/netapp h610s firmware
- canonical/netapp h610s
- canonical/netapp h615c firmware
- canonical/netapp h615c
- canonical/netapp h700e firmware
- canonical/netapp h700e
- canonical/netapp h700s firmware
- canonical/netapp h700s
- package-manager/debian