{
  "threat_severity" : "Moderate",
  "public_date" : "2021-08-26T08:00:00Z",
  "bugzilla" : {
    "description" : "kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies",
    "id" : "2014230",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2014230"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-330",
  "details" : [ "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.", "A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well." ],
  "statement" : "This issue is rated as having Moderate impact because of the attack scenario limitation. It is possible to harm the networking services only, but not for the overall system under attack, and impossible to get access to this remote system under attack.",
  "acknowledgement" : "Red Hat would like to thank Keyu Man, Xin'an Zhou and Zhiyun Qian (University of California, Riverside) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-10T00:00:00Z",
    "advisory" : "RHSA-2022:1975",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv",
    "package" : "kernel-rt-0:4.18.0-372.9.1.rt7.166.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-10T00:00:00Z",
    "advisory" : "RHSA-2022:1988",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-372.9.1.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-05-31T00:00:00Z",
    "advisory" : "RHSA-2022:4835",
    "cpe" : "cpe:/a:redhat:rhel_eus:8.4::nfv",
    "package" : "kernel-rt-0:4.18.0-305.49.1.rt7.121.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support",
    "release_date" : "2022-05-31T00:00:00Z",
    "advisory" : "RHSA-2022:4829",
    "cpe" : "cpe:/o:redhat:rhel_eus:8.4",
    "package" : "kernel-0:4.18.0-305.49.1.el8_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-20322\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-20322\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=4785305c05b25a242e5314cc821f54ade4c18810\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15-rc6&id=6457378fe796815c973f631a1904e147d6ee33b1\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv4/route.c?h=v5.15-rc6&id=67d6d681e15b578c1725bad8ad079e05d1c48a8e\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/ipv6/route.c?h=v5.15-rc6&id=a00df2caffed3883c341d5685f830434312e4a43" ],
  "name" : "CVE-2021-20322",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}