CVE-2021-45485

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:e-series_santricity_os_controller:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:all_flash_fabric-attached_storage_8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:all_flash_fabric-attached_storage_8300:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:fabric-attached_storage_8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fabric-attached_storage_8300:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:all_flash_fabric-attached_storage_8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:all_flash_fabric-attached_storage_8700:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:fabric-attached_storage_8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fabric-attached_storage_8700:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:fabric-attached_storage_a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fabric-attached_storage_a400:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

History

24 Feb 2023, 15:07

Type Values Removed Values Added
CPE cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller_8700:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h610c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h615c:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller_a400:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller_8300:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h610s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fabric-attached_storage_8700:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fabric-attached_storage_8300:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:fabric-attached_storage_a400:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:all_flash_fabric-attached_storage_8700:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fabric-attached_storage_8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fabric-attached_storage_a400_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:all_flash_fabric-attached_storage_8300:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:all_flash_fabric-attached_storage_8700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:fabric-attached_storage_8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:all_flash_fabric-attached_storage_8300_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
First Time Netapp fabric-attached Storage 8300
Netapp h500e
Netapp h700s
Netapp h610c
Netapp all Flash Fabric-attached Storage 8700
Netapp h410s
Netapp h700e Firmware
Netapp aff A400 Firmware
Netapp h610s
Netapp h300s
Netapp h615c Firmware
Netapp h410s Firmware
Netapp h410c Firmware
Netapp h300s Firmware
Netapp aff A400
Netapp h500e Firmware
Netapp fabric-attached Storage A400 Firmware
Netapp h610c Firmware
Oracle communications Cloud Native Core Binding Support Function
Netapp h615c
Netapp all Flash Fabric-attached Storage 8300
Netapp h500s
Oracle communications Cloud Native Core Policy
Netapp fabric-attached Storage 8700
Netapp fabric-attached Storage 8300 Firmware
Netapp fabric-attached Storage 8700 Firmware
Netapp h300e Firmware
Netapp hci Compute Node Firmware
Oracle communications Cloud Native Core Network Exposure Function
Netapp h610s Firmware
Netapp h300e
Netapp h700e
Netapp all Flash Fabric-attached Storage 8300 Firmware
Netapp h700s Firmware
Oracle
Netapp all Flash Fabric-attached Storage 8700 Firmware
Netapp fabric-attached Storage A400
Netapp h500s Firmware
Netapp h410c

25 Jul 2022, 18:18

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

12 Apr 2022, 18:15

Type Values Removed Values Added
References (CONFIRM) https://security.netapp.com/advisory/ntap-20220121-0001/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20220121-0001/ - Third Party Advisory
First Time Netapp baseboard Management Controller H410s
Netapp e-series Santricity Os Controller
Netapp
Netapp baseboard Management Controller H500e
Netapp solidfire\, Enterprise Sds \& Hci Storage Node
Netapp fas\/aff Baseboard Management Controller A400
Netapp fas\/aff Baseboard Management Controller 8700
Netapp baseboard Management Controller H300s
Netapp baseboard Management Controller H610s
Netapp baseboard Management Controller H615c
Netapp baseboard Management Controller H610c
Netapp baseboard Management Controller H700s
Netapp solidfire \& Hci Management Node
Netapp baseboard Management Controller H500s
Netapp baseboard Management Controller H700e
Netapp brocade Fabric Operating System Firmware
Netapp fas\/aff Baseboard Management Controller 8300
Netapp baseboard Management Controller H410c
Netapp baseboard Management Controller H300e
Netapp hci Compute Node
CPE cpe:2.3:h:netapp:baseboard_management_controller_h610s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire\,_enterprise_sds_\&_hci_storage_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h610c:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller_a400:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller_8300:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:e-series_santricity_os_controller:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h615c:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:fas\/aff_baseboard_management_controller_8700:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*

21 Jan 2022, 12:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20220121-0001/ -

11 Jan 2022, 15:38

Type Values Removed Values Added
References (MISC) https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 - (MISC) https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3 - Release Notes, Vendor Advisory
References (MISC) https://arxiv.org/pdf/2112.09604.pdf - (MISC) https://arxiv.org/pdf/2112.09604.pdf - Technical Description, Third Party Advisory
References (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99 - (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99 - Patch, Vendor Advisory
CWE CWE-327
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 5.0
v3 : 7.5
First Time Linux linux Kernel
Linux

25 Dec 2021, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-12-25 02:15

Updated : 2023-12-10 14:09


NVD link : CVE-2021-45485

Mitre link : CVE-2021-45485

CVE.ORG link : CVE-2021-45485


JSON object : View

Products Affected

netapp

  • h700s_firmware
  • h615c_firmware
  • h700e
  • hci_compute_node
  • h610c
  • h700e_firmware
  • all_flash_fabric-attached_storage_8300_firmware
  • all_flash_fabric-attached_storage_8700_firmware
  • h700s
  • h300s_firmware
  • h610s
  • aff_a400_firmware
  • fabric-attached_storage_8300
  • fabric-attached_storage_8700
  • fabric-attached_storage_8700_firmware
  • hci_compute_node_firmware
  • h300s
  • solidfire_\&_hci_management_node
  • h300e
  • h500e_firmware
  • all_flash_fabric-attached_storage_8300
  • fabric-attached_storage_a400
  • h610s_firmware
  • h410c_firmware
  • fabric-attached_storage_8300_firmware
  • h610c_firmware
  • h410c
  • e-series_santricity_os_controller
  • aff_a400
  • h410s
  • h500s
  • all_flash_fabric-attached_storage_8700
  • h615c
  • solidfire\,_enterprise_sds_\&_hci_storage_node
  • h410s_firmware
  • h300e_firmware
  • h500s_firmware
  • brocade_fabric_operating_system_firmware
  • h500e
  • fabric-attached_storage_a400_firmware

linux

  • linux_kernel

oracle

  • communications_cloud_native_core_policy
  • communications_cloud_native_core_binding_support_function
  • communications_cloud_native_core_network_exposure_function
CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm