CVE-2021-3760Use After Free in Kernel

CWE-416Use After Free23 documents6 sources
Severity
7.8HIGHNVD
OSV7.0OSV6.5OSV4.7OSV4.4OSV3.3
EPSS
0.1%
top 66.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Linux KernelDebian LinuxDebian Linux+1 more
Timeline
PublishedFeb 16
Latest updateJul 13

Description

A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

NVDlinux/linux_kernel4.04.4.290+6
Debianlinux/linux_kernel< 5.10.84-1+3
Ubuntulinux/linux_kernel< 4.15.0-166.174+2
CVEListV5linux/linux_kernelkernel 5.14.15-100.fc33, kernel 5.14.15-200.fc34, kernel 5.14.15-300.fc35
debiandebian/linux< linux 5.14.16-1 (bookworm)

Also affects: Debian Linux 9.0, Fedora 34

🔴Vulnerability Details

11
OSV
linux-aws vulnerabilities2022-07-13
OSV
linux-lts-xenial, linux-kvm vulnerabilities2022-07-07
GHSA
GHSA-4jqv-ghx3-vc2h: A flaw was found in the Linux kernel2022-02-17
OSV
CVE-2021-3760: A flaw was found in the Linux kernel2022-02-16
OSV
linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4 regression2022-01-12

📋Vendor Advisories

11
Ubuntu
Linux kernel (AWS) vulnerabilities2022-07-13
Ubuntu
Linux kernel vulnerabilities2022-07-07
Ubuntu
Linux kernel regression2022-01-12
Ubuntu
Linux kernel (OEM) vulnerabilities2022-01-11
Ubuntu
Linux kernel vulnerabilities2022-01-06