CVE-2021-4028 An attacker with local access to an RDMA communications manager listener could create a socket to listen on a high port, which could lead to a list element being freed.

This issue was addressed by adding an access restriction on the setup of a listener socket. For example, the listener socket should not be allowed to be set up on a high port. Local attackers could still exploit this issue by setting up a listener socket on a high port.


Another issue in the code that handles RDMA messages over IP network connections could be used to cause a kernel panic. A remote attacker could use this flaw to trigger a kernel panic and execute arbitrary code on the system.


A flaw in the Linux kernel's implementation of the ext4 file system could be leveraged by a local attacker to cause a denial of service. An unplugged ext4 device on an ext4 file system could cause the system to hang because no journaling functionality is implemented in ext4.


A flaw in the Linux kernel's implementation of the vhost configuration could be leveraged by a local attacker to cause a denial of service. Because vhost configuration has no validation of input when setting virtual host configurations, a malicious virtual host configuration could be used to cause a host system to abruptly abort.


A flaw in the Linux kernel's handling of memory bus assignment when using memory hot-add could be leveraged by a local attacker to cause a denial of service. Because Linux does not have support for memory hot-add through an ACPI interface, a local attacker could use this flaw to crash the system.


A

Linux kernel – Device Drivers, Features, and Utilities

1. CVE-2021-4028
This issue was addressed by adding an access restriction on the setup of a listener socket. For example, the listener socket should not be allowed to be set up on a high port. Local attackers could still exploit this issue by setting up a listener socket on a high port.
2. Another issue in the code that handles RDMA messages over IP network connections could be used to cause a kernel panic. A remote attacker could use this flaw to trigger a kernel panic and execute arbitrary code on the system.
3. A flaw in the Linux kernel's implementation of the ext4 file system could be leveraged by a local attacker to cause a denial of service. An unplugged ext4 device on an ext4 file system could cause the system to hang because no journaling functionality is implemented in ext4.
4. A flaw in the Linux kernel's implementation of the vhost configuration could be leveraged by a local attacker to cause a denial of service. Because vhost configuration has no validation of input when setting virtual host configurations, a malicious virtual host configuration could be used to cause a host system to abruptly abort.
5. A flaw in the Linux kernel's handling of memory bus assignment when using memory hot-add could be leveraged by a local attacker to cause a denial of service. Because Linux does not have support for memory hot-

Linux kernel network protocol security issues

The Linux kernel contains multiple issues relating to network protocol security. These issues include information leaks, buffer overflows, and memory corruption.


A flaw in the Linux kernel's handling of incoming IP fragments could be leveraged by a remote attacker to cause a denial of service. An attacker could use this issue to craft an IP packet with an excessively long payload, which could cause the system to hang because no outbound path is available for processing.


A flaw in the Linux kernel's handling of incoming TCP segments could be leveraged by a remote attacker to cause a denial of service. Because no outbound path is available for processing traffic, this issue would cause the system to hang, as it would be unable to process incoming packets.

Linux Kernel - Networking and Communications

1. CVE-2021-4028
A flaw in the Linux kernel's implementation of the ext4 file system could be leveraged by a local attacker to cause a denial of service. An unplugged ext4 device on an ext4 file system could cause the system to hang because no journaling functionality is implemented in ext4.
2. CVE-2021-4029
A flaw in the Linux kernel's handling of memory bus assignment when using memory hot-add could be leveraged by a local attacker to cause a denial of service. Because Linux does not have support for memory hot-add through an ACPI interface, a local attacker could use this flaw to crash the system.
