CVE-2021-47129 in Linuxinformazioni

Riassunto

di VulDB • 14/06/2026

Nel kernel Linux, è stata risolta la seguente vulnerabilità:

netfilter: nft_ct: ignorare le aspettative per conntrack confermate

nft_ct_expect_obj_eval() chiama nf_ct_ext_add() per un'entry conntrack confermata. Tuttavia, nf_ct_ext_add() può essere chiamata solo per !nf_ct_is_confirmed().

[ 1825.349056] WARNING: CPU: 0 PID: 1279 at net/netfilter/nf_conntrack_extend.c:48 nf_ct_xt_add+0x18e/0x1a0 [nf_conntrack]
[ 1825.351391] RIP: 0010:nf_ct_ext_add+0x18e/0x1a0 [nf_conntrack]
[ 1825.351493] Code: 41 5c 41 5d 41 5e 41 5f c3 41 bc 0a 00 00 00 e9 15 ff ff ff ba 09 00 00 00 31 f6 4c 89 ff e8 69 6c 3d e9 eb 96 45 31 ed eb cd 0b e9 b1 fe ff ff e8 86 79 14 e9 eb bf 0f 1f 40 00 0f 1f 44 00
[ 1825.351721] RSP: 0018:ffffc90002e1f1e8 EFLAGS: 00010202
[ 1825.351790] RAX: 000000000000000e RBX: ffff88814f5783c0 RCX: ffffffffc0e4f887
[ 1825.351881] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88814f5783c0
[ 1825.351972] RBP: ffff88814f5783c0 R00: 0000000000000000 R01: 0000000000000000

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Fonti

Do you need the next level of professionalism?

Upgrade your account now!