ghsa-wmrp-qwhx-cpwv
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
xen/netback: don't queue unlimited number of packages
In case a guest isn't consuming incoming network traffic as fast as it is coming in, xen-netback is buffering network packages in unlimited numbers today. This can result in host OOM situations.
Commit f48da8b14d04ca8 ("xen-netback: fix unlimited guest Rx internal queue and carrier flapping") meant to introduce a mechanism to limit the amount of buffered data by stopping the Tx queue when reaching the data limit, but this doesn't work for cases like UDP.
When hitting the limit don't queue further SKBs, but drop them instead. In order to be able to tell Rx packages have been dropped increment the rx_dropped statistics counter in this case.
It should be noted that the old solution to continue queueing SKBs had the additional problem of an overflow of the 32-bit rx_queue_len value would result in intermittent Tx queue enabling.
This is part of XSA-392
{
"affected": [],
"aliases": [
"CVE-2021-47581"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-06-19T15:15:52Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/netback: don\u0027t queue unlimited number of packages\n\nIn case a guest isn\u0027t consuming incoming network traffic as fast as it\nis coming in, xen-netback is buffering network packages in unlimited\nnumbers today. This can result in host OOM situations.\n\nCommit f48da8b14d04ca8 (\"xen-netback: fix unlimited guest Rx internal\nqueue and carrier flapping\") meant to introduce a mechanism to limit\nthe amount of buffered data by stopping the Tx queue when reaching the\ndata limit, but this doesn\u0027t work for cases like UDP.\n\nWhen hitting the limit don\u0027t queue further SKBs, but drop them instead.\nIn order to be able to tell Rx packages have been dropped increment the\nrx_dropped statistics counter in this case.\n\nIt should be noted that the old solution to continue queueing SKBs had\nthe additional problem of an overflow of the 32-bit rx_queue_len value\nwould result in intermittent Tx queue enabling.\n\nThis is part of XSA-392",
"id": "GHSA-wmrp-qwhx-cpwv",
"modified": "2024-06-19T15:30:55Z",
"published": "2024-06-19T15:30:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47581"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0928efb09178e01d3dc8e8849aa1c807436c3c37"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0d99b3c6bd39a0a023e972d8f912fd47698bbbb8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/88f20cccbeec9a5e83621df5cc2453b5081454dc"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9bebb2eedf679b3be4acaa20efda97f32c999d74"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b4226b387436315e7f57465c15335f4f4b5b075d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bd926d189210cd1d5b4e618e45898053be6b4b3b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/be81992f9086b230623ae3ebbc85ecee4d00a3d3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/c9f17e92917fd5786be872626a3928979ecc4c39"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.