A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2023/07/02/1 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1966578 | Issue Tracking Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52 | Patch Vendor Advisory |
https://www.openwall.com/lists/oss-security/2021/06/08/2 | Exploit Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
02 Jul 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-416 |
24 Aug 2021, 19:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-362 CWE-416 |
|
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 6.4 |
CPE | cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1966578 - Issue Tracking, Third Party Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52 - Patch, Vendor Advisory | |
References | (MISC) https://www.openwall.com/lists/oss-security/2021/06/08/2 - Exploit, Mailing List, Third Party Advisory |
13 Aug 2021, 15:46
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-13 14:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-3573
Mitre link : CVE-2021-3573
CVE.ORG link : CVE-2021-3573
JSON object : View
Products Affected
redhat
- enterprise_linux
fedoraproject
- fedora
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')