IPv4 ID Generation Flaw in NetBSD Affects All Versions Up to 9.2
CVE-2021-45487

7.5HIGH

Key Information:

Vendor: Netbsd
Status: Netbsd
Vendor: CVE Published:; 25 December 2021

What is CVE-2021-45487?

The IPv4 ID generation algorithm utilized in NetBSD versions up to 9.2 lacks robust cryptographic measures, potentially exposing systems to spoofing attacks and various types of network-based exploits. Without adequate randomness in ID generation, malicious actors could predict or manipulate packet IDs, compromising network integrity.

References

https://arxiv.org/pdf/2112.09604.pdf

x_refsource_MISC

http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetB...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 25, 2021
Vulnerability Reserved
Dec 25, 2021

CVE-2021-45487 Data

JSON

Netbsd

What is CVE-2021-45487?

References

CVSS V3.1

Timeline