Fetch the repository succeeded.
一、漏洞信息
漏洞编号:
漏洞归属组件:
漏洞归属的版本:
CVSS V3.0分值:
漏洞简述:
漏洞公开时间:
漏洞创建时间:
漏洞详情参考链接:
漏洞分析指导链接:
https://gitee.com/openeuler/cve-manager/blob/master/doc/md/manual.md
二、漏洞分析结构反馈
影响性分析说明:
openEuler评分:
受影响版本排查(受影响/不受影响):
openeuler-ci-bot
member
Hi xuewenzhen, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at
https://gitee.com/openeuler/community/blob/master/en/sig-infrastructure/command.md.
If you have any questions, please contact the SIG: Kernel, and any of the maintainers: @XieXiuQi , @YangYingliang , @成坚 (CHENG Jian) .
| 分支 | commit | tag |
|---|---|---|
| openEuler-1.0-LTS | 2c0e00165076e6c0d4a0d344d73735e86c03512f | tags/4.19.90-2110.3.0^0 |
| kernel-4.19 | ab388ef13b4e127325130ef7b59232080f5637e4 | kernel-4.19~577 |
影响性分析说明:
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
openEuler评分:
CVSS V3.0分值:
BaseScore:5.9 Medium
Vector:CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS(4.19.90):受影响
2.openEuler-20.03-LTS-SP1(4.19.90):受影响
3.openEuler-20.03-LTS-SP2(4.19.90):受影响
修复是否涉及abi变化(是/否):
1.openEuler-20.03-LTS(4.19.90):否
2.openEuler-20.03-LTS-SP1(4.19.90):否
3.openEuler-20.03-LTS-SP2(4.19.90):否
CVE 在这里跟踪
#I4DLSJ:CVE-2021-42008?from=project-issue
Sign in to comment
