CVE-2021-33098 – kernel: Improper input validation in the Intel(R) Ethernet ixgbe driver may allow an authenticated user to potentially enable DoS via local access

https://notcve.org/view.php?id=CVE-2021-33098

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. Una comprobación de entrada inapropiada en el controlador Intel(R) Ethernet ixgbe para Linux versiones anteriores a 3.17.3, puede permitir a un usuario autenticado habilitar potencialmente una denegación de servicio por medio de un acceso local. A flaw was found in the Linux kernel. This flaw allows an attacker who can modify the MTU of a virtualized PCIe device (in a guest, for example) to crash the host system’s kernel if they set the MTU of the VF device to an unsupported value. • https://security.netapp.com/advisory/ntap-20211210-0005 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00555.html https://access.redhat.com/security/cve/CVE-2021-33098 https://bugzilla.redhat.com/show_bug.cgi?id=2068236 • CWE-20: Improper Input Validation •