#VU91666 Integer underflow in Linux kernel - CVE-2021-47222


Vulnerability identifier: #VU91666

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47222

CWE-ID: CWE-191

Exploitation vector: Local

Exploit availability: No

Vulnerable software: Linux kernel
Software category: Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an integer underflow (CWE-191) within the br_handle_egress_vlan_tunnel() function in net/bridge/br_vlan_tunnel.c. A local user can trigger the underflow to execute arbitrary code.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions


External links
https://git.kernel.org/stable/c/42020f7f37a90d24b9551f5f7eba3f7c7c102968
https://git.kernel.org/stable/c/84fc1c944e45ab317e2e70a0e7f76fa2a5e43b6e
https://git.kernel.org/stable/c/79855be6445b6592bddb7bd7167083ec8cdbd73f
https://git.kernel.org/stable/c/fc7fdd8c5c2ad2fe3e297698be9d4dbe4a4e0579
https://git.kernel.org/stable/c/25053a8404ba17ca48f5553d487afc1882e9f56c
https://git.kernel.org/stable/c/cfc579f9d89af4ada58c69b03bcaa4887840f3b3


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
