Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2021-25645
CVE-2021-25645:
Couchbase vulnerability analysis and mitigation
Overview
A vulnerability identified as CVE-2021-25645 was discovered in the Linux kernel. The issue affects traffic between two Geneve endpoints when IPsec is configured to encrypt the communication (Red Hat Advisory).
Technical details
The vulnerability affects Linux kernel versions before 5.9-rc7, specifically impacting the encryption of traffic between Geneve endpoints when IPsec encryption is configured. This security issue was rated as Important by Red Hat Product Security (Red Hat Advisory).
Impact
When exploited, this vulnerability could result in traffic between two Geneve endpoints being unencrypted, even when IPsec is configured to encrypt the communication. This could potentially expose sensitive data that was intended to be encrypted (Red Hat Advisory).
Mitigation and workarounds
The vulnerability has been addressed through kernel updates. Users are advised to update to kernel version 5.9-rc7 or later. For Red Hat Enterprise Linux users, the fix is included in kernel-rt-3.10.0-1160.21.1.rt56.1158.el7 update (Red Hat Advisory).
Additional resources
Source: This report was generated using AI
Related Couchbase vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management