CVE-2021-43267

Description from NVD

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

Information Acquisition Date:2022-02-16T14:42Z
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0
     source:MISC
     tags:Patch    Third Party Advisory    
 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16
     source:MISC
     tags:Mailing List    Release Notes    Vendor Advisory    
 FEDORA-2021-a093973910
     source:FEDORA
     tags:Mailing List    Third Party Advisory    
 FEDORA-2021-bdd146e463
     source:FEDORA
     tags:Mailing List    Third Party Advisory    
 https://security.netapp.com/advisory/ntap-20211125-0002/
     source:CONFIRM
     tags:Third Party Advisory    
 [oss-security] 20220210 CVE-2022-0435: Remote Stack Overflow in Linux Kernel TIPC Module since 4.8 (net/tipc)
     source:MLIST
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Linux(1 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...235
https://twitter.com/TheHackersNews/status/14562328642786672655
https://www.appgate.com/blog/a-remote-stack-overflow-in-the...4
https://securityaffairs.co/wordpress/124191/hacking/linux-k...4
https://s1.ai/wmkPFR3
https://zpr.io/6CWrP3
https://haxx.in/posts/pwning-tipc/3
https://github.com/ohnonoyesyes/CVE-2021-432673
https://threatpost.com/critical-linux-kernel-bug/176000/3
https://thehackernews.com/2021/11/critical-rce-vulnerabilit...3
https://securityonline.info/cve-2021-43267-poc/3
https://www.sentinelone.com/labs/tipc-remote-linux-kernel-h...3
https://www.kennasecurity.com/blog/march-vuln-of-the-month-...3

Information from Twitter

User URL Info Source Date
threatintelctr https://nvd.nist.gov/vuln/detail/CVE-2021-43267 Source threatintelctr   1588006098115723264 2022/11/03

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com235
twitter.com5
www.appgate.com4
securityaffairs.co4
s1.ai3
zpr.io3
haxx.in3
github.com3
threatpost.com3
thehackernews.com3
securityonline.info3
www.sentinelone.com3
www.kennasecurity.com3

Information from Twitter

User URL Info Source
threatintelctr nvd.nist.gov Show Tweet

GitHub Search Results: Up to 10
NameURL
ohnonoyesyes/CVE-2021-43267 https://github.com/ohnonoyesyes/CVE-2021-43267
DarkSprings/CVE-2021-43267-POC https://github.com/DarkSprings/CVE-2021-43267-POC

GitHub Search Results: Up to 10
NameURL
ohnonoyesyes/CVE-2021-43267 github.com
DarkSprings/CVE-2021-43267-POC github.com

2022/11/03 Score : 0
Added Har-sia Database : 2021/11/03
Last Modified : 2022/11/03
Highest Scored Date : 2021/11/05
Highest Score : 47