QwikSec

Security Database

CVE

CWE

Training

CVE-2021-28038

Published: Mar 5, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://xenbits.xen.org/xsa/advisory-367.html

[oss-security] 20210305 Xen Security Advisory 367 v2 (CVE-2021-28038) - Linux: netback fails to honor grant mapping errors

mailing-list

[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update

mailing-list

[debian-lts-announce] 20210330 [SECURITY] [DLA 2610-1] linux-4.19 security update

mailing-list

https://security.netapp.com/advisory/ntap-20210409-0001/

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2991397d23ec597405b116d96de3813420bdcbc3

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.