Main Vulnerability Database Exploits ID:8528 - Exploit for Buffer overflow in Linux kernel - CVE-2021-43267

ID:8528 - Exploit for Buffer overflow in Linux kernel - CVE-2021-43267

Published: October 23, 2022

Vulnerability identifier: #VU58209

Vulnerability risk: Medium

CVE-ID: CVE-2021-43267

CWE-ID: CWE-119

Exploitation vector: Adjecent network

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/zzhacked/CVE-2021-43267

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in net/tipc/crypto.c in the Linux kernel. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

A remote attacker can send specially crafted MSG_CRYPTO messages to the affected system, trigger memory corruption and execute arbitrary code on the system.

Remediation

Install updates from vendor's website.

ID:8528 - Exploit for Buffer overflow in Linux kernel - CVE-2021-43267

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human