CVE-2021-3640

Summary

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.

Affected Software

VendorProductVersion RangeStatus
n/akernelAffects kernel v5.15.3 and prior, Fixed in v5.16-rc1 and above.affected

Weaknesses

  • CWE-362: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), CWE-416 - Use After Free.

ADP Enrichment

CVE Program Container

Additional References

References