CVE-2021-43267

CRITICAL

Linux Kernel < 5.14.16 - Remote Denial of Service via TIPC MSG_CRYPTO Size Validation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-43267. PoCs published by zzhacked, DarkSprings.

AI-analyzed exploit summary This is a local proof-of-concept exploit for CVE-2021-43267, targeting a heap overflow vulnerability in the Linux TIPC module. The exploit demonstrates arbitrary code execution by manipulating TIPC messages and leveraging kernel memory corruption.

Description

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.

Exploits (2)

nomisec WORKING POC 4 stars

by zzhacked · poc

https://github.com/zzhacked/CVE-2021-43267

View Code ZIP pw:eip

This is a local proof-of-concept exploit for CVE-2021-43267, targeting a heap overflow vulnerability in the Linux TIPC module. The exploit demonstrates arbitrary code execution by manipulating TIPC messages and leveraging kernel memory corruption.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Complex

Reliability

Racy

Target: Linux Kernel (with TIPC module loaded)

No auth needed

Prerequisites: TIPC module loaded · Local access to the target system

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec STUB

by DarkSprings · poc

https://github.com/DarkSprings/CVE-2021-43267-POC

View Code ZIP pw:eip

The repository contains only a README.md with minimal content, lacking any exploit code or technical details. It claims to be a PoC for CVE-2021-43267 but provides no functional proof-of-concept.

Classification

Stub 10%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Patch, Third Party Advisory x_refsource_misc

https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0

View Patch ZIP pw:eip

Mailing List, Release Notes, Vendor Advisory x_refsource_misc

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20211125-0002/

Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_mlist

http://www.openwall.com/lists/oss-security/2022/02/10/1

Scores

CVSS v3 9.8

EPSS 0.7262

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1284

Status published

Products (10)

fedoraproject/fedora 34

fedoraproject/fedora 35

linux/linux_kernel 5.10 - 5.10.77

netapp/h300e_firmware

netapp/h300s_firmware

netapp/h410s_firmware

netapp/h500e_firmware

netapp/h500s_firmware

netapp/h700e_firmware

netapp/h700s_firmware

Published Nov 02, 2021

Tracked Since Feb 18, 2026