CVE-2021-20177

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-20177

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-20177.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-20177

Downstream

DEBIAN-CVE-2021-20177

DLA-2557-1

DSA-4843-1

OESA-2021-1086

OESA-2021-1087

SUSE-SU-2021:0347-1

SUSE-SU-2021:0348-1

SUSE-SU-2021:0353-1

SUSE-SU-2021:0354-1

SUSE-SU-2021:0427-1

SUSE-SU-2021:0433-1

SUSE-SU-2021:0532-1

UBUNTU-CVE-2021-20177

USN-4750-1

openSUSE-SU-2021:0241-1

Related

Published

2021-05-26T21:15:08Z

Modified

2025-08-09T20:01:27Z

Severity

4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAPNETADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1914719

Affected packages