CVE-2021-22161

MEDIUM Year: 2021
CVSS v3 Score
6.5
Medium
CVSS v2 Score
3.3
Low
Weakness Type
CWE-835
View all →

Vulnerability Description

In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set. This affects the netifd and odhcp6c packages.

Related Vulnerabilities

CVE-2010-1282

MEDIUM
CVSS:6.5(Medium)

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file.

CWE-8352010

CVE-2015-5239

MEDIUM
CVSS:6.5(Medium)

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

CWE-8352015

CVE-2015-5278

MEDIUM
CVSS:6.5(Medium)

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors re...

CWE-8352015

CVE-2015-5694

MEDIUM
CVSS:6.5(Medium)

Designate does not enforce the DNS protocol limit concerning record set sizes

CWE-8352015

CVE-2015-7850

MEDIUM
CVSS:6.5(Medium)

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.

CWE-8352015