CVE-2021-47010 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42
https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493
https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68
https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437
https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31
https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c
https://lore.kernel.org/linux-cve-announce/2024022830-CVE-2021-47010-6853@gregkh/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2021-47010
https://www.cve.org/CVERecord?id=CVE-2021-47010

Type	Values Removed	Values Added
CPEs		cpe:2.3:o:linux:linux_kernel::::::::

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel:-:::::::*
Vendors & Products		Linux Linux linux Kernel
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Type	Values Removed	Values Added
Weaknesses		CWE-400
Metrics	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L'}`	cvssV3_1 `{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47010", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-27T18:42:55.953Z", "datePublished": "2024-02-28T08:13:29.051Z", "dateUpdated": "2025-05-04T07:02:15.538Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:02:15.538Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Only allow init netns to set default tcp cong to a restricted algo\n\ntcp_set_default_congestion_control() is netns-safe in that it writes\nto &net->ipv4.tcp_congestion_control, but it also sets\nca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced.\nThis has the unintended side-effect of changing the global\nnet.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it\nis read-only: 97684f0970f6 (\"net: Make tcp_allowed_congestion_control\nreadonly in non-init netns\")\n\nResolve this netns \"leak\" by only allowing the init netns to set the\ndefault algorithm to one that is restricted. This restriction could be\nremoved if tcp_allowed_congestion_control were namespace-ified in the\nfuture.\n\nThis bug was uncovered with\nhttps://github.com/JonathonReinhart/linux-netns-sysctl-verify"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/tcp_cong.c"], "versions": [{"version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "992de06308d9a9584d59b96d294ac676f924e437", "status": "affected", "versionType": "git"}, {"version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "9884f745108f7d25b189bbcd6754e284fb29ab68", "status": "affected", "versionType": "git"}, {"version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "6c1ea8bee75df8fe2184a50fcd0f70bf82986f42", "status": "affected", "versionType": "git"}, {"version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "efe1532a6e1a8e3c343d04fff510f0ed80328f9c", "status": "affected", "versionType": "git"}, {"version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "e7d7bedd507bb732e600403b7a96f9fe48d0ca31", "status": "affected", "versionType": "git"}, {"version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "8d432592f30fcc34ef5a10aac4887b4897884493", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/tcp_cong.c"], "versions": [{"version": "4.15", "status": "affected"}, {"version": "0", "lessThan": "4.15", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.191", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.119", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.37", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.11.21", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.4", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "4.19.191"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.4.119"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.10.37"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.11.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.12.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "5.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437"}, {"url": "https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68"}, {"url": "https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42"}, {"url": "https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c"}, {"url": "https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31"}, {"url": "https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493"}], "title": "net: Only allow init netns to set default tcp cong to a restricted algo", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.534Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-400", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6670e1524477", "status": "affected", "lessThan": "992de06308d9", "versionType": "custom"}, {"version": "6670e1524477", "status": "affected", "lessThan": "9884f745108f", "versionType": "custom"}, {"version": "6670e1524477", "status": "affected", "lessThan": "6c1ea8bee75d", "versionType": "custom"}, {"version": "6670e1524477", "status": "affected", "lessThan": "efe1532a6e1a", "versionType": "custom"}, {"version": "6670e1524477", "status": "affected", "lessThan": "e7d7bedd507b", "versionType": "custom"}, {"version": "6670e1524477", "status": "affected", "lessThan": "8d432592f30f", "versionType": "custom"}, {"version": "4.15", "status": "affected"}, {"version": "0", "status": "unaffected", "lessThan": "4.15", "versionType": "custom"}, {"version": "4.19.191", "status": "unaffected", "lessThanOrEqual": "4.20", "versionType": "custom"}, {"version": "5.4.119", "status": "unaffected", "lessThanOrEqual": "5.5", "versionType": "custom"}, {"version": "5.10.37", "status": "unaffected", "lessThanOrEqual": "5.11", "versionType": "custom"}, {"version": "5.11.21", "status": "unaffected", "lessThanOrEqual": "5.12", "versionType": "custom"}, {"version": "5.12.4", "status": "unaffected", "lessThanOrEqual": "5.13", "versionType": "custom"}, {"version": "5.13", "status": "unaffected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-25T15:24:31.511356Z", "id": "CVE-2021-47010", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T15:25:44.662Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-47010 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-27T18:42:55.953Z (string)

datePublished : 2024-02-28T08:13:29.051Z (string)

dateUpdated : 2025-05-04T07:02:15.538Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:02:15.538Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcp_set_default_congestion_control() is netns-safe in that it writes to &net->ipv4.tcp_congestion_control, but it also sets ca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced. This has the unintended side-effect of changing the global net.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it is read-only: 97684f0970f6 ("net: Make tcp_allowed_congestion_control readonly in non-init netns") Resolve this netns "leak" by only allowing the init netns to set the default algorithm to one that is restricted. This restriction could be removed if tcp_allowed_congestion_control were namespace-ified in the future. This bug was uncovered with https://github.com/JonathonReinhart/linux-netns-sysctl-verify (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/ipv4/tcp_cong.c (string)

]

versions : [ »

0 : { »

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 992de06308d9a9584d59b96d294ac676f924e437 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 8d432592f30fcc34ef5a10aac4887b4897884493 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/ipv4/tcp_cong.c (string)

]

versions : [ »

0 : { »

version : 4.15 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 4.15 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.19.191 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.4.119 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.10.37 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.11.21 (string)

lessThanOrEqual : 5.11.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.12.4 (string)

lessThanOrEqual : 5.12.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.13 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 4.19.191 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.4.119 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.10.37 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.11.21 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.12.4 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.15 (string)

versionEndExcluding : 5.13 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

}

4 : { »

url : https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493 (string)

}

]

title : net: Only allow init netns to set default tcp cong to a restricted algo (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:24:39.534Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : CWE (string)

cweId : CWE-400 (string)

lang : en (string)

description : CWE-400 Uncontrolled Resource Consumption (string)

}

]

}

]

affected : [ »

0 : { »

vendor : linux (string)

product : linux_kernel (string)

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : 6670e1524477 (string)

status : affected (string)

lessThan : 992de06308d9 (string)

versionType : custom (string)

}

1 : { »

version : 6670e1524477 (string)

status : affected (string)

lessThan : 9884f745108f (string)

versionType : custom (string)

}

2 : { »

version : 6670e1524477 (string)

status : affected (string)

lessThan : 6c1ea8bee75d (string)

versionType : custom (string)

}

3 : { »

version : 6670e1524477 (string)

status : affected (string)

lessThan : efe1532a6e1a (string)

versionType : custom (string)

}

4 : { »

version : 6670e1524477 (string)

status : affected (string)

lessThan : e7d7bedd507b (string)

versionType : custom (string)

}

5 : { »

version : 6670e1524477 (string)

status : affected (string)

lessThan : 8d432592f30f (string)

versionType : custom (string)

}

6 : { »

version : 4.15 (string)

status : affected (string)

}

7 : { »

version : 0 (string)

status : unaffected (string)

lessThan : 4.15 (string)

versionType : custom (string)

}

8 : { »

version : 4.19.191 (string)

status : unaffected (string)

lessThanOrEqual : 4.20 (string)

versionType : custom (string)

}

9 : { »

version : 5.4.119 (string)

status : unaffected (string)

lessThanOrEqual : 5.5 (string)

versionType : custom (string)

}

10 : { »

version : 5.10.37 (string)

status : unaffected (string)

lessThanOrEqual : 5.11 (string)

versionType : custom (string)

}

11 : { »

version : 5.11.21 (string)

status : unaffected (string)

lessThanOrEqual : 5.12 (string)

versionType : custom (string)

}

12 : { »

version : 5.12.4 (string)

status : unaffected (string)

lessThanOrEqual : 5.13 (string)

versionType : custom (string)

}

13 : { »

version : 5.13 (string)

status : unaffected (string)

lessThanOrEqual : * (string)

versionType : custom (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 7.8 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : LOW (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-07-25T15:24:31.511356Z (string)

id : CVE-2021-47010 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-08-07T15:25:44.662Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.534Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2021-47010", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-25T15:24:31.511356Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "6670e1524477", "lessThan": "992de06308d9", "versionType": "custom"}, {"status": "affected", "version": "6670e1524477", "lessThan": "9884f745108f", "versionType": "custom"}, {"status": "affected", "version": "6670e1524477", "lessThan": "6c1ea8bee75d", "versionType": "custom"}, {"status": "affected", "version": "6670e1524477", "lessThan": "efe1532a6e1a", "versionType": "custom"}, {"status": "affected", "version": "6670e1524477", "lessThan": "e7d7bedd507b", "versionType": "custom"}, {"status": "affected", "version": "6670e1524477", "lessThan": "8d432592f30f", "versionType": "custom"}, {"status": "affected", "version": "4.15"}, {"status": "unaffected", "version": "0", "lessThan": "4.15", "versionType": "custom"}, {"status": "unaffected", "version": "4.19.191", "versionType": "custom", "lessThanOrEqual": "4.20"}, {"status": "unaffected", "version": "5.4.119", "versionType": "custom", "lessThanOrEqual": "5.5"}, {"status": "unaffected", "version": "5.10.37", "versionType": "custom", "lessThanOrEqual": "5.11"}, {"status": "unaffected", "version": "5.11.21", "versionType": "custom", "lessThanOrEqual": "5.12"}, {"status": "unaffected", "version": "5.12.4", "versionType": "custom", "lessThanOrEqual": "5.13"}, {"status": "unaffected", "version": "5.13", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T15:14:36.709Z"}}], "cna": {"title": "net: Only allow init netns to set default tcp cong to a restricted algo", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "992de06308d9a9584d59b96d294ac676f924e437", "versionType": "git"}, {"status": "affected", "version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "9884f745108f7d25b189bbcd6754e284fb29ab68", "versionType": "git"}, {"status": "affected", "version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "6c1ea8bee75df8fe2184a50fcd0f70bf82986f42", "versionType": "git"}, {"status": "affected", "version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "efe1532a6e1a8e3c343d04fff510f0ed80328f9c", "versionType": "git"}, {"status": "affected", "version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "e7d7bedd507bb732e600403b7a96f9fe48d0ca31", "versionType": "git"}, {"status": "affected", "version": "6670e152447732ba90626f36dfc015a13fbf150e", "lessThan": "8d432592f30fcc34ef5a10aac4887b4897884493", "versionType": "git"}], "programFiles": ["net/ipv4/tcp_cong.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.15"}, {"status": "unaffected", "version": "0", "lessThan": "4.15", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.191", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.119", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.37", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.21", "versionType": "semver", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.4", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/ipv4/tcp_cong.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437"}, {"url": "https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68"}, {"url": "https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42"}, {"url": "https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c"}, {"url": "https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31"}, {"url": "https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Only allow init netns to set default tcp cong to a restricted algo\n\ntcp_set_default_congestion_control() is netns-safe in that it writes\nto &net->ipv4.tcp_congestion_control, but it also sets\nca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced.\nThis has the unintended side-effect of changing the global\nnet.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it\nis read-only: 97684f0970f6 (\"net: Make tcp_allowed_congestion_control\nreadonly in non-init netns\")\n\nResolve this netns \"leak\" by only allowing the init netns to set the\ndefault algorithm to one that is restricted. This restriction could be\nremoved if tcp_allowed_congestion_control were namespace-ified in the\nfuture.\n\nThis bug was uncovered with\nhttps://github.com/JonathonReinhart/linux-netns-sysctl-verify"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.191", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.119", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.37", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.11.21", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.12.4", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.13", "versionStartIncluding": "4.15"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:02:15.538Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47010", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:02:15.538Z", "dateReserved": "2024-02-27T18:42:55.953Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-28T08:13:29.051Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:24:39.534Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

cvssV3_1 : { »

scope : UNCHANGED (string)

version : 3.1 (string)

baseScore : 7.8 (number)

attackVector : LOCAL (string)

baseSeverity : HIGH (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

integrityImpact : HIGH (string)

userInteraction : NONE (string)

attackComplexity : LOW (string)

availabilityImpact : HIGH (string)

privilegesRequired : LOW (string)

confidentialityImpact : HIGH (string)

}

1 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47010 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-07-25T15:24:31.511356Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* (string)

]

vendor : linux (string)

product : linux_kernel (string)

versions : [ »

0 : { »

status : affected (string)

version : 6670e1524477 (string)

lessThan : 992de06308d9 (string)

versionType : custom (string)

}

1 : { »

status : affected (string)

version : 6670e1524477 (string)

lessThan : 9884f745108f (string)

versionType : custom (string)

}

2 : { »

status : affected (string)

version : 6670e1524477 (string)

lessThan : 6c1ea8bee75d (string)

versionType : custom (string)

}

3 : { »

status : affected (string)

version : 6670e1524477 (string)

lessThan : efe1532a6e1a (string)

versionType : custom (string)

}

4 : { »

status : affected (string)

version : 6670e1524477 (string)

lessThan : e7d7bedd507b (string)

versionType : custom (string)

}

5 : { »

status : affected (string)

version : 6670e1524477 (string)

lessThan : 8d432592f30f (string)

versionType : custom (string)

}

6 : { »

status : affected (string)

version : 4.15 (string)

}

7 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 4.15 (string)

versionType : custom (string)

}

8 : { »

status : unaffected (string)

version : 4.19.191 (string)

versionType : custom (string)

lessThanOrEqual : 4.20 (string)

}

9 : { »

status : unaffected (string)

version : 5.4.119 (string)

versionType : custom (string)

lessThanOrEqual : 5.5 (string)

}

10 : { »

status : unaffected (string)

version : 5.10.37 (string)

versionType : custom (string)

lessThanOrEqual : 5.11 (string)

}

11 : { »

status : unaffected (string)

version : 5.11.21 (string)

versionType : custom (string)

lessThanOrEqual : 5.12 (string)

}

12 : { »

status : unaffected (string)

version : 5.12.4 (string)

versionType : custom (string)

lessThanOrEqual : 5.13 (string)

}

13 : { »

status : unaffected (string)

version : 5.13 (string)

versionType : custom (string)

lessThanOrEqual : * (string)

}

]

defaultStatus : unknown (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : CWE (string)

cweId : CWE-400 (string)

description : CWE-400 Uncontrolled Resource Consumption (string)

}

]

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-08-07T15:14:36.709Z (string)

}

]

cna : { »

title : net: Only allow init netns to set default tcp cong to a restricted algo (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 992de06308d9a9584d59b96d294ac676f924e437 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 6670e152447732ba90626f36dfc015a13fbf150e (string)

lessThan : 8d432592f30fcc34ef5a10aac4887b4897884493 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : net/ipv4/tcp_cong.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 4.15 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 4.15 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.19.191 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

3 : { »

status : unaffected (string)

version : 5.4.119 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

4 : { »

status : unaffected (string)

version : 5.10.37 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

5 : { »

status : unaffected (string)

version : 5.11.21 (string)

versionType : semver (string)

lessThanOrEqual : 5.11.* (string)

}

6 : { »

status : unaffected (string)

version : 5.12.4 (string)

versionType : semver (string)

lessThanOrEqual : 5.12.* (string)

}

7 : { »

status : unaffected (string)

version : 5.13 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : net/ipv4/tcp_cong.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

}

4 : { »

url : https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcp_set_default_congestion_control() is netns-safe in that it writes to &net->ipv4.tcp_congestion_control, but it also sets ca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced. This has the unintended side-effect of changing the global net.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it is read-only: 97684f0970f6 ("net: Make tcp_allowed_congestion_control readonly in non-init netns") Resolve this netns "leak" by only allowing the init netns to set the default algorithm to one that is restricted. This restriction could be removed if tcp_allowed_congestion_control were namespace-ified in the future. This bug was uncovered with https://github.com/JonathonReinhart/linux-netns-sysctl-verify (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.191 (string)

versionStartIncluding : 4.15 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.119 (string)

versionStartIncluding : 4.15 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.37 (string)

versionStartIncluding : 4.15 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.11.21 (string)

versionStartIncluding : 4.15 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.12.4 (string)

versionStartIncluding : 4.15 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.13 (string)

versionStartIncluding : 4.15 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:02:15.538Z (string)

}

cveMetadata : { »

cveId : CVE-2021-47010 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T07:02:15.538Z (string)

dateReserved : 2024-02-27T18:42:55.953Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-02-28T08:13:29.051Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B6E6817-19A8-4C0A-8807-71DA48CF9191", "versionEndExcluding": "4.19.191", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E07BA880-1043-4674-AC45-266B3B4A44C7", "versionEndExcluding": "5.4.119", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E", "versionEndExcluding": "5.10.37", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0", "versionEndExcluding": "5.11.21", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Only allow init netns to set default tcp cong to a restricted algo\n\ntcp_set_default_congestion_control() is netns-safe in that it writes\nto &net->ipv4.tcp_congestion_control, but it also sets\nca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced.\nThis has the unintended side-effect of changing the global\nnet.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it\nis read-only: 97684f0970f6 (\"net: Make tcp_allowed_congestion_control\nreadonly in non-init netns\")\n\nResolve this netns \"leak\" by only allowing the init netns to set the\ndefault algorithm to one that is restricted. This restriction could be\nremoved if tcp_allowed_congestion_control were namespace-ified in the\nfuture.\n\nThis bug was uncovered with\nhttps://github.com/JonathonReinhart/linux-netns-sysctl-verify"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: solo permite que init netns establezca la cong tcp predeterminada en un algoritmo restringido tcp_set_default_congestion_control() es seguro para netns porque escribe en &amp;net-&gt;ipv4.tcp_congestion_control, pero tambi\u00e9n establece ca-&gt;flags |= TCP_CONG_NON_RESTRICTED que no tiene espacio de nombres. Esto tiene el efecto secundario no deseado de cambiar el sistema global net.ipv4.tcp_allowed_congestion_control, a pesar de que es de solo lectura: 97684f0970f6 (\"net: Make tcp_allowed_congestion_control readonly in non-init netns\") Resuelva esta \"fuga\" de netns solo permite que las redes de inicio establezcan el algoritmo predeterminado en uno restringido. Esta restricci\u00f3n podr\u00eda eliminarse si tcp_allowed_congestion_control tuviera un espacio de nombres en el futuro. Este error se descubri\u00f3 con https://github.com/JonathonReinhart/linux-netns-sysctl-verify"}], "id": "CVE-2021-47010", "lastModified": "2025-03-19T15:30:02.273", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-28T09:15:38.657", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5B6E6817-19A8-4C0A-8807-71DA48CF9191 (string)

versionEndExcluding : 4.19.191 (string)

versionStartIncluding : 4.15 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E07BA880-1043-4674-AC45-266B3B4A44C7 (string)

versionEndExcluding : 5.4.119 (string)

versionStartIncluding : 4.20 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E (string)

versionEndExcluding : 5.10.37 (string)

versionStartIncluding : 5.5 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 8CBB94EC-EC33-4464-99C5-03E5542715F0 (string)

versionEndExcluding : 5.11.21 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : D8C7052F-1B7B-4327-9C2B-84EBF3243838 (string)

versionEndExcluding : 5.12.4 (string)

versionStartIncluding : 5.12 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcp_set_default_congestion_control() is netns-safe in that it writes to &net->ipv4.tcp_congestion_control, but it also sets ca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced. This has the unintended side-effect of changing the global net.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it is read-only: 97684f0970f6 ("net: Make tcp_allowed_congestion_control readonly in non-init netns") Resolve this netns "leak" by only allowing the init netns to set the default algorithm to one that is restricted. This restriction could be removed if tcp_allowed_congestion_control were namespace-ified in the future. This bug was uncovered with https://github.com/JonathonReinhart/linux-netns-sysctl-verify (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: solo permite que init netns establezca la cong tcp predeterminada en un algoritmo restringido tcp_set_default_congestion_control() es seguro para netns porque escribe en &net->ipv4.tcp_congestion_control, pero también establece ca->flags |= TCP_CONG_NON_RESTRICTED que no tiene espacio de nombres. Esto tiene el efecto secundario no deseado de cambiar el sistema global net.ipv4.tcp_allowed_congestion_control, a pesar de que es de solo lectura: 97684f0970f6 ("net: Make tcp_allowed_congestion_control readonly in non-init netns") Resuelva esta "fuga" de netns solo permite que las redes de inicio establezcan el algoritmo predeterminado en uno restringido. Esta restricción podría eliminarse si tcp_allowed_congestion_control tuviera un espacio de nombres en el futuro. Este error se descubrió con https://github.com/JonathonReinhart/linux-netns-sysctl-verify (string)

}

]

id : CVE-2021-47010 (string)

lastModified : 2025-03-19T15:30:02.273 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

published : 2024-02-28T09:15:38.657 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6c1ea8bee75df8fe2184a50fcd0f70bf82986f42 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/8d432592f30fcc34ef5a10aac4887b4897884493 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9884f745108f7d25b189bbcd6754e284fb29ab68 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/992de06308d9a9584d59b96d294ac676f924e437 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e7d7bedd507bb732e600403b7a96f9fe48d0ca31 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/efe1532a6e1a8e3c343d04fff510f0ed80328f9c (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-400 (string)

}

]

source : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

type : Secondary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: net: Only allow init netns to set default tcp cong to a restricted algo", "id": "2266849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266849"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: Only allow init netns to set default tcp cong to a restricted algo\ntcp_set_default_congestion_control() is netns-safe in that it writes\nto &net->ipv4.tcp_congestion_control, but it also sets\nca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced.\nThis has the unintended side-effect of changing the global\nnet.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it\nis read-only: 97684f0970f6 (\"net: Make tcp_allowed_congestion_control\nreadonly in non-init netns\")\nResolve this netns \"leak\" by only allowing the init netns to set the\ndefault algorithm to one that is restricted. This restriction could be\nremoved if tcp_allowed_congestion_control were namespace-ified in the\nfuture.\nThis bug was uncovered with\nhttps://github.com/JonathonReinhart/linux-netns-sysctl-verify"], "name": "CVE-2021-47010", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47010\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47010\nhttps://lore.kernel.org/linux-cve-announce/2024022830-CVE-2021-47010-6853@gregkh/T/#u"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: net: Only allow init netns to set default tcp cong to a restricted algo (string)

id : 2266849 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2266849 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.4 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L (string)

status : draft (string)

}

cwe : CWE-402 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: net: Only allow init netns to set default tcp cong to a restricted algo tcp_set_default_congestion_control() is netns-safe in that it writes to &net->ipv4.tcp_congestion_control, but it also sets ca->flags |= TCP_CONG_NON_RESTRICTED which is not namespaced. This has the unintended side-effect of changing the global net.ipv4.tcp_allowed_congestion_control sysctl, despite the fact that it is read-only: 97684f0970f6 ("net: Make tcp_allowed_congestion_control readonly in non-init netns") Resolve this netns "leak" by only allowing the init netns to set the default algorithm to one that is restricted. This restriction could be removed if tcp_allowed_congestion_control were namespace-ified in the future. This bug was uncovered with https://github.com/JonathonReinhart/linux-netns-sysctl-verify (string)

]

name : CVE-2021-47010 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-02-28T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-47010 https://nvd.nist.gov/vuln/detail/CVE-2021-47010 https://lore.kernel.org/linux-cve-announce/2024022830-CVE-2021-47010-6853@gregkh/T/#u (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object