CVE-2021-45486 Information
Share on:
Jun 06, 2022
cve
Description
In the IPv4 implementation in the Linux kernel before 5.12.4 net/ipv4/route.c has an information leak because the hash table is very small.
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Reference
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/ipv4/route.c?id=aa6dd211e4b1dde9d5dc25d699d35f789ae7eeba https://arxiv.org/pdf/2112.09604.pdf
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
NONE
Base Score
NONE
Base Severity
3.5