CVE-2021-39713 — Race Condition in Linux

CWE-362 — Race Condition CWE-821 — Incorrect Synchronization11 documents6 sources

Severity

7.0HIGHNVD

OSV4.7

EPSS

0.0%

top 96.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Debian Linux

Timeline

PublishedMar 16

Latest updateJun 16

Description

Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages3 packages

▶Debianlinux/linux_kernel< 5.2.6-1+3

▶Ubuntulinux/linux_kernel< 3.13.0-190.241+5

▶debiandebian/linux< linux 5.2.6-1 (bookworm)

Also affects: Debian Linux 9.0

Patches

Patch: source.android.com ↗Patch: source.android.com ↗

🔴Vulnerability Details

OSV

linux vulnerabilities↗2022-06-16

▶

OSV

Kernel Live Patch Security Notice↗2022-06-02

▶

OSV

linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities↗2022-05-12

▶

GHSA

GHSA-5mgm-hh8w-j47p: Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel↗2022-03-17

▶

OSV

CVE-2021-39713: Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel↗2022-03-16

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2022-06-16

▶

Ubuntu

Kernel Live Patch Security Notice↗2022-06-02

▶

Ubuntu

Linux kernel vulnerabilities↗2022-05-12

▶

Red Hat

kernel: race condition in the network scheduling subsystem could lead to an use-after-free↗2022-03-07

▶

Debian

CVE-2021-39713: linux - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstr...↗2021

▶