CVE-2021-3640

Description

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://access.redhat.com/errata/RHSA-2022:7933
• https://bugzilla.redhat.com/1980646
• https://bugzilla.redhat.com/2037386
• https://bugzilla.redhat.com/2051444
• https://bugzilla.redhat.com/2052312
• https://bugzilla.redhat.com/2053632
• https://bugzilla.redhat.com/2058395
• https://bugzilla.redhat.com/2059928
• https://bugzilla.redhat.com/2066614
• https://bugzilla.redhat.com/2066706
• https://bugzilla.redhat.com/2066819
• https://bugzilla.redhat.com/2070205
• https://bugzilla.redhat.com/2071022
• https://bugzilla.redhat.com/2073064
• https://bugzilla.redhat.com/2074208
• https://bugzilla.redhat.com/2084125
• https://bugzilla.redhat.com/2084183
• https://bugzilla.redhat.com/2084479
• https://bugzilla.redhat.com/2088021
• https://bugzilla.redhat.com/2089815
• https://bugzilla.redhat.com/2090226
• https://bugzilla.redhat.com/2090237
• https://bugzilla.redhat.com/2090240
• https://bugzilla.redhat.com/2090241
• https://bugzilla.redhat.com/2103148

💬 Discuss CVE-2021-3640 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.