{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T19:28:45.751","vulnerabilities":[{"cve":{"id":"CVE-2021-28691","sourceIdentifier":"security@xen.org","published":"2021-06-29T12:15:08.543","lastModified":"2024-11-21T06:00:09.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will lead to a use-after-free in Linux netback when the backend is destroyed, as the kernel thread associated with queue 0 will have already exited and thus the call to kthread_stop will be performed against a stale pointer."},{"lang":"es","value":"Un uso de memoria previamente liberada desencadenado por el usuario en Linux xen-netback. Un frontend de red PV malicioso o con errores puede forzar a Linux netback a deshabilitar la interfaz y terminar el hilo del kernel de recepción asociado a la cola 0 en respuesta al envío de un paquete malformado por parte del frontend. Esta terminación del hilo del kernel conllevará un uso de memoria previamente liberada en Linux netback cuando es destruído el backend, ya que el hilo del kernel asociado a la cola 0 ya habrá salido y, por tanto, la llamada a la función kthread_stop se llevará a cabo contra un puntero obsoleto"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.0","versionEndExcluding":"5.12.2","matchCriteriaId":"BB0E8A86-EB95-4011-BF7A-D608DB359332"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","matchCriteriaId":"5C2089EE-5D7F-47EC-8EA5-0F69790564C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*","matchCriteriaId":"CDDF61B7-EC5C-467C-B710-B89F502CD04F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6770B6C3-732E-4E22-BF1C-2D2FD610061C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*","matchCriteriaId":"9F9C8C20-42EB-4AB5-BD97-212DEB070C43"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7FFF7106-ED78-49BA-9EC5-B889E3685D53"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*","matchCriteriaId":"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"56409CEC-5A1E-4450-AA42-641E459CC2AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*","matchCriteriaId":"B06F4839-D16A-4A61-9BB5-55B13F41E47F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"108A2215-50FB-4074-94CF-C130FA14566D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*","matchCriteriaId":"7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"32F0B6C0-F930-480D-962B-3F4EFDCC13C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*","matchCriteriaId":"803BC414-B250-4E3A-A478-A3881340D6B8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0FEB3337-BFDE-462A-908B-176F92053CEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*","matchCriteriaId":"736AEAE9-782B-4F71-9893-DED53367E102"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D0B4AD8A-F172-4558-AEC6-FF424BA2D912"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*","matchCriteriaId":"8497A4C9-8474-4A62-8331-3FE862ED4098"}]}]}],"references":[{"url":"https://security.gentoo.org/glsa/202107-30","source":"security@xen.org","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210805-0002/","source":"security@xen.org","tags":["Third Party Advisory"]},{"url":"https://xenbits.xenproject.org/xsa/advisory-374.txt","source":"security@xen.org","tags":["Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202107-30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210805-0002/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://xenbits.xenproject.org/xsa/advisory-374.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}