CVE-2021-47291

7.1 HIGH

📋 TL;DR

This is a memory corruption vulnerability in the Linux kernel's IPv6 routing subsystem that can cause slab-out-of-bounds reads/writes. It affects Linux systems with IPv6 enabled and can potentially lead to kernel crashes or privilege escalation. The vulnerability occurs during route exception cleanup when fib6_metrics initialization fails.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated, but references indicate stable kernel patches from 2021
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires IPv6 to be enabled and configured. Systems with complex IPv6 routing configurations may be more susceptible.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash, or potential privilege escalation to kernel mode allowing full system compromise.

🟠 Likely Case: Kernel crash causing system instability or denial of service, requiring reboot to restore functionality.

🟢 If Mitigated: System remains stable if exploit attempts are blocked or fail, with no impact on availability.

🌐 Internet-Facing: MEDIUM - Requires IPv6 connectivity and specific kernel conditions, but could be triggered remotely via network packets.
🏢 Internal Only: MEDIUM - Internal systems with IPv6 routing could be affected, but exploitation requires specific conditions.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Exploitation requires precise timing and conditions to trigger the memory corruption. No public exploits have been reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 115784bcccf1, 830251361425, 8fb4792f091e, ce8fafb68051, or later

Vendor Advisory: https://git.kernel.org/stable/c/115784bcccf135c3a3548098153413d76f16aae0

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version.
2. Check distribution-specific security advisories.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable IPv6

Temporarily disable IPv6 to prevent exploitation. The two commands below are equivalent; either one sets the runtime value, which is lost at reboot.

echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
sysctl -w net.ipv6.conf.all.disable_ipv6=1

Restrict IPv6 routing

Limit IPv6 routing functionality to reduce attack surface

sysctl -w net.ipv6.conf.all.forwarding=0
sysctl -w net.ipv6.conf.all.accept_ra=0

🧯 If You Can't Patch

  • Implement network segmentation to isolate systems with vulnerable kernels
  • Deploy kernel hardening measures like KASAN to detect exploitation attempts

🔍 How to Verify

Check if Vulnerable:

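Check the kernel version and compare it with the patched versions. Run uname -r and check whether the reported release predates the release in which your distribution or the stable tree shipped the fix commits listed above.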

Check Version:

uname -r

Verify Fix Applied:

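Verify kernel version includes the fix commits: grep -q '115784bcccf1\|830251361425\|8fb4792f091e\|ce8fafb68051' /proc/version

Note that /proc/version normally carries the release string and build details rather than commit hashes, so a non-match does not by itself mean the fix is missing; confirm against the distribution's kernel changelog or security advisory.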

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • KASAN error reports mentioning fib6_nh_flush_exceptions
  • System crash/reboot logs

Network Indicators:

  • Unusual IPv6 routing traffic patterns
  • Malformed IPv6 packets targeting routing functions

SIEM Query:

source="kernel" AND ("KASAN" OR "slab-out-of-bounds" OR "fib6_nh_flush_exceptions" OR "kernel panic")
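
An added example (not from the original advisory or the kernel project): a shell function that triages kernel log text for the indicators above, ranking KASAN reports that name fib6_nh_flush_exceptions above other KASAN reports and bare panic lines, which the OR query matches alike. The function names and the sample log lines (timestamps, offsets, addresses, task names) are constructed for illustration.

```shell
#!/bin/sh
# Added example: rank kernel log hits for the CVE-2021-47291 indicators.
#   HIGH   - KASAN report whose header or call trace names fib6_nh_flush_exceptions
#   MEDIUM - any other KASAN report
#   LOW    - kernel panic line (many unrelated causes)
triage_kernel_log() {
    awk '
        # Print the pending KASAN report, if any, then reset state.
        function emit(   sev) {
            if (header != "") {
                sev = hit ? "HIGH" : "MEDIUM"
                print sev " " header
            }
            header = ""; hit = 0
        }
        /BUG: KASAN:/ {                            # first line of a report body
            emit()
            header = $0
            sub(/^.*BUG: KASAN: /, "KASAN: ", header)
        }
        header != "" && /fib6_nh_flush_exceptions/ { hit = 1 }
        header != "" && /==========/ { emit() }    # closing delimiter line
        tolower($0) ~ /kernel panic/ { print "LOW " $0 }
        END { emit() }                             # report cut off at end of input
    '
}

# Constructed sample input: every value below is made up for the example.
sample_log() {
    cat <<'EOF'
[  101.000001] ==================================================================
[  101.000002] BUG: KASAN: slab-out-of-bounds in fib6_nh_flush_exceptions+0x10/0x100
[  101.000003] Read of size 8 at addr ffff888000000000 by task example/1234
[  101.000004] Call Trace:
[  101.000005]  fib6_nh_flush_exceptions+0x10/0x100
[  101.000006] ==================================================================
[  202.000001] ==================================================================
[  202.000002] BUG: KASAN: use-after-free in example_driver_fn+0x20/0x80
[  202.000003] ==================================================================
[  303.000001] Kernel panic - not syncing: Fatal exception
[  404.000001] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
EOF
}

# Real use: dmesg | triage_kernel_log   or   journalctl -k | triage_kernel_log
sample_log | triage_kernel_log
```

KASAN reports only appear on kernels built with KASAN enabled, so on production builds the LOW tier (panic and reboot records) is usually the only signal available.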
