Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
616
VMScore

CVE-2021-3573

Published: 13/08/2021 Updated: 07/11/2023
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 6.4 | Impact Score: 5.9 | Exploitability Score: 0.5
VMScore: 616
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Linux

Vulnerability Summary

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions before 5.13-rc5.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 5.13

linux linux kernel

redhat enterprise linux 7.0

redhat enterprise linux 6.0

redhat enterprise linux 8.0

fedoraproject fedora 34

Vendor Advisories

Ubuntu Security Notice: USN-5343-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this upd ...
Red Hat: Important: kernel security and bug fix update
Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as ...
Red Hat: Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes
Synopsis Moderate: Red Hat Advanced Cluster Management 2211 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 2211 General Availability release images, which provide one or more container updates and bug fixesRed Hat Product Security has rated this update as ...
Red Hat: CVE-2021-3573
A flaw use-after-free in the Linux kernel HCI subsystem was found in the way user detaches bluetooth dongle or other way triggers unregister bluetooth device event A local user could use this flaw to crash the system or escalate their privileges on the system ...
Arch Linux Issues:
A use after free vulnerability has been found in the hci_sock_bound_ioctl() function of the Linux kernel It can allow attackers to corrupt kernel heaps (kmalloc-8k to be specific) and adopt further exploitations ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-004
A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...
Amazon Linux 2: ALAS2-2021-1685
A vulnerability was found in the bluez, where Passkey Entry protocol used in Secure Simple Pairing (SSP), Secure Connections (SC) and LE Secure Connections (LESC) of the Bluetooth Core Specification is vulnerable to an impersonation attack where an active attacker can impersonate the initiating device without any previous knowledge (CVE-2020-26558 ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-002
A flaw was found in the Linux kernels implementation of wifi fragmentation handling An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device (CVE-2020-24586) A flaw was found in the Linux kernel ...

Mailing Lists

Full Disclosure: CVE-2021-3573: UAF in hci_sock_bound_ioctl() function
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2021-3573: UAF in hci_sock_bound_ioctl() function <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Lin Horse & ...

References

CWE-362https://bugzilla.redhat.com/show_bug.cgi?id=1966578https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52https://www.openwall.com/lists/oss-security/2021/06/08/2http://www.openwall.com/lists/oss-security/2023/07/02/1https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5343-1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook