What is CVE-2021-43267?

CVE-2021-43267 is a vulnerability in N/a. Published 2021-11-02.

Is CVE-2021-43267 known to be exploited?

35 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-43267

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG…

EPSS: 0.726 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0 (x_refsource_MISC)
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16 (x_refsource_MISC)
FEDORA-2021-a093973910 (vendor-advisory, x_refsource_FEDORA)
FEDORA-2021-bdd146e463 (vendor-advisory, x_refsource_FEDORA)
security.netapp.com/advisory/ntap-20211125-0002/ (x_refsource_CONFIRM)
[oss-security] 20220210 CVE-2022-0435: Remote Stack Overflow in Linux Kernel TIPC Module since 4.8 (net/tipc) (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2021-43267?: CVE-2021-43267 is a vulnerability in N/a. Published 2021-11-02.
Is CVE-2021-43267 known to be exploited?: 35 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.