Hi,
Considering description of the CVE-2021-45485, Is OS vulnerable if I dont use IPV6?
Description
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
CVE-2021-45485
Re: CVE-2021-45485
From what I can see this CVE is about being able to predict the id of ipv6 packets so that an attacker can spoof them. If yuou don't use ipv6 then yuou are not at risk from this. Please note that there is no Red Hat CVE entry for this CVE as yet so I gathered this information from https://vuldb.com/?id.189071 and its link to the changelog for kernel 5.13.3. I may be completely wrong about its impact as there is no official statement from anyone in the RH world about it.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke