In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
{ "vanir_signatures": [ { "digest": { "length": 570.0, "function_hash": "257551255886560943485783703594826357611" }, "target": { "file": "net/ipv6/output_core.c", "function": "__ipv6_select_ident" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@62f20e068ccc50d6ab66fdb72ba90da2b9418c99", "signature_version": "v1", "id": "CVE-2021-45485-32b1b4e2", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "171314123999822002218374423245084176099", "234115065568034465099046592168987849231", "130395417563785371983810388860187830679", "205974562114542401680215029445313993094", "273461605902844822435484285171602924870", "247023053875748374381397493067434809044", "208944477938721912656576369896228534892", "262710605084249683058082840432392869260", "85728270154190217520918167646657956690", "203553977550121443903394931968297349454", "159588177648731360653765779060080554337", "110600896333832124833366928818383300197", "109910714774450791956943026231197374976", "63293587891654682144665354150215418154", "268265741451378448024557942147094357549", "258146633871305378628349306710443095468", "201437657325521727240149539959481355467", "219080210369439732564132672156449830599" ] }, "target": { "file": "net/ipv6/output_core.c" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@62f20e068ccc50d6ab66fdb72ba90da2b9418c99", "signature_version": "v1", "id": "CVE-2021-45485-84bca888", "signature_type": "Line" } ] }