CVE-2021-4203

Summary

A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.

Affected Software

VendorProductVersion RangeStatus
n/akernelkernel 5.15 rc4affected

Weaknesses

  • CWE-362: CWE-362->CWE-416

ADP Enrichment

CVE Program Container

Additional References

References