CVE-2021-3640 — Race Condition in Kernel
Severity
7.0HIGHNVD
EPSS
0.0%
top 98.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 3
Latest updateJul 8
Description
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9
Affected Packages4 packages
Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 20.04, 21.10, Fedora 34
Patches
🔴Vulnerability Details
12GHSA▶
GHSA-c8w8-4f3f-5v3j: A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other w↗2022-03-05
CVEList▶
CVE-2021-3640: A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other w↗2022-03-03
📋Vendor Advisories
7Microsoft▶
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_de↗2022-03-08