7.8

CVE-2021-47293

net/sched: act_skbmod: Skip non-Ethernet packets

In the Linux kernel, the following vulnerability has been resolved:

net/sched: act_skbmod: Skip non-Ethernet packets

Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2
protocol, which is not always the case.  As an example, for CAN devices:

	$ ip link add dev vcan0 type vcan
	$ ip link set up vcan0
	$ tc qdisc add dev vcan0 root handle 1: htb
	$ tc filter add dev vcan0 parent 1: protocol ip prio 10 \
		matchall action skbmod swap mac

Doing the above silently corrupts all the packets.  Do not perform skbmod
actions for non-Ethernet packets.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.9 < 4.19.199
LinuxLinux Kernel Version >= 4.20 < 5.4.136
LinuxLinux Kernel Version >= 5.5 < 5.10.54
LinuxLinux Kernel Version >= 5.11 < 5.13.6
LinuxLinux Kernel Version5.14 Updaterc1
LinuxLinux Kernel Version5.14 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.14
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/071729150be9e1d1b851b70efb6d91ee9269d57b
Patch
https://git.kernel.org/stable/c/34f1e1f657fae2891b485a3b2b95fe4d2aef9f0d
Patch
https://git.kernel.org/stable/c/727d6a8b7ef3d25080fad228b2c4a1d4da5999c6
Patch
https://git.kernel.org/stable/c/a88414fb1117f2fe65fb88e45ba694e1d09d5024
Patch
https://git.kernel.org/stable/c/e4fdca366806f6bab374d1a95e626a10a3854b0c
Patch