CVE-2021-4028

Summary

A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.

Affected Software

VendorProductVersion RangeStatus
n/akernelFixed in kernel 5.15-rc1affected

Weaknesses

  • CWE-416: CWE-416 - Use After Free

ADP Enrichment

CVE Program Container

Additional References

References