CVE-2021-45485

HIGH

Linux Kernel < 5.13.3 - Information Disclosure via IPv6 Source Address Hash Table

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-45485. PoCs published by Satheesh575555.

AI-analyzed exploit summary This repository appears to be a documentation dump from a Linux kernel tree (version 4.19.72) and does not contain exploit code or a PoC for CVE-2021-45485. The files provided are standard kernel documentation and configuration scripts.

Description

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.

Exploits (1)

nomisec WRITEUP

by Satheesh575555 · poc

https://github.com/Satheesh575555/linux-4.19.72_CVE-2021-45485

View Code ZIP pw:eip

This repository appears to be a documentation dump from a Linux kernel tree (version 4.19.72) and does not contain exploit code or a PoC for CVE-2021-45485. The files provided are standard kernel documentation and configuration scripts.

Classification

Writeup 90%

Attack Type

N/a

Complexity

N/a

Reliability

N/a

Target: N/A

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Release Notes, Vendor Advisory x_refsource_misc

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3

Technical Description, Third Party Advisory x_refsource_misc

https://arxiv.org/pdf/2112.09604.pdf

Patch, Vendor Advisory x_refsource_misc

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpujul2022.html

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20220121-0001/

Scores

CVSS v3 7.5

EPSS 0.0362

EPSS Percentile 88.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-327

Status published

Products (26)

linux/linux_kernel < 5.13.3

netapp/aff_a400_firmware

netapp/all_flash_fabric-attached_storage_8300_firmware

netapp/all_flash_fabric-attached_storage_8700_firmware

netapp/brocade_fabric_operating_system_firmware

netapp/e-series_santricity_os_controller

netapp/fabric-attached_storage_8300_firmware

netapp/fabric-attached_storage_8700_firmware

netapp/fabric-attached_storage_a400_firmware

netapp/h300e_firmware

... and 16 more

Published Dec 25, 2021

Tracked Since Feb 18, 2026