---

CVE-2021-43267 - log back

CVE-2021-43267 edited at 05 Nov 2021 11:23:56
Severity	- Medium + High
Type	- Insufficient validation + Arbitrary code execution
References	+ https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.16&id=e029c9828c5b503b11a609fcc7c5840de2db3fb4 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.77&id=0b1b3e086b0af2c2faa9938c4db956fe6ce5c965

CVE-2021-43267 edited at 03 Nov 2021 09:50:02
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Insufficient validation
Description	+ An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
References	+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.14.16&id=e029c9828c5b503b11a609fcc7c5840de2db3fb4 + https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.77&id=0b1b3e086b0af2c2faa9938c4db956fe6ce5c965

CVE-2021-43267 created at 03 Nov 2021 09:48:48
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes