CVE-2021-28691: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-28691 is a use-after-free vulnerability discovered in the Linux xen-netback driver. The vulnerability was identified in Linux kernel versions from 5.5.0 up to 5.12.2. A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 by sending a malformed packet (Xen Advisory).

The vulnerability occurs when a malformed packet from a network PV frontend triggers the termination of the receive kernel thread associated with queue 0. This leads to a use-after-free condition in Linux netback during backend destruction, as the kernel thread for queue 0 has already exited, causing kthread_stop to be called on a stale pointer. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The successful exploitation of this vulnerability can result in a dom0 crash. Additionally, privilege escalation and information leaks cannot be ruled out. The vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS) (NetApp Advisory).

On x86 systems, running only HVM guests with emulated network cards will avoid the issue. However, there is no option in the upstream toolstack to offer only emulated network cards to guests. The vulnerability has been fixed in Linux kernel version 5.12.2 and corresponding security patches have been released for affected versions (Xen Advisory).