CVE-2021-20297

Published: May 26, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.

Affected (4)

Products: Gnome: Networkmanager · Redhat: Enterprise Linux, Openshift Container Platform · Fedoraproject: Fedora

1 product

2 products

Openshift Container Platform

Fedoraproject

1 product

Fedora

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Gnome Networkmanager	Before 1.30.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Openshift Container Platform	Version 4.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 33

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

https://bugzilla.redhat.com/show_bug.cgi?id=1943282

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1943282

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

Timeline

No history available yet.