An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2021/03/05/1 | Mailing List Patch Third Party Advisory |
http://xenbits.xen.org/xsa/advisory-367.html | Patch Vendor Advisory |
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2991397d23ec597405b116d96de3813420bdcbc3 | |
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210409-0001/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
25 Mar 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Aug 2023, 14:25
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:5.12:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.12:rc2:*:*:*:*:*:* |
16 May 2022, 20:58
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:* |
|
First Time |
Netapp
Netapp cloud Backup Netapp solidfire Baseboard Management Controller Firmware |
|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210409-0001/ - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html - Third Party Advisory |
09 Apr 2021, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Mar 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Mar 2021, 18:52
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/03/05/1 - Mailing List, Patch, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
09 Mar 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Mar 2021, 16:09
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/03/05/1 - Patch, Third Party Advisory | |
References | (MISC) http://xenbits.xen.org/xsa/advisory-367.html - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.9
v3 : 6.5 |
CPE | cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CWE | CWE-770 |
05 Mar 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Mar 2021, 18:34
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-05 18:15
Updated : 2024-03-25 01:15
NVD link : CVE-2021-28038
Mitre link : CVE-2021-28038
CVE.ORG link : CVE-2021-28038
JSON object : View
Products Affected
linux
- linux_kernel
netapp
- solidfire_baseboard_management_controller_firmware
- cloud_backup
debian
- debian_linux
CWE
CWE-770
Allocation of Resources Without Limits or Throttling