CVE-2021-3752

Summary

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Affected Software

VendorProductVersion RangeStatus
n/akernelkernel 5.15.3affected

Weaknesses

  • CWE-416: CWE-416

ADP Enrichment

CVE Program Container

Additional References

References