CVE-2021-23133 - log back

CVE-2021-23133 edited at 14 May 2021 22:11:10
References
https://www.openwall.com/lists/oss-security/2021/04/18/2
https://www.openwall.com/lists/oss-security/2021/05/10/3
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=f7a805d1bb53c61d9539e5801af564958d1974d7
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.21&id=61ba899553de1930afd8a75b579606b4d8bbb489
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=42f1b8653f85924743ea5b57b051a4e1f05b5e43
CVE-2021-23133 edited at 14 May 2021 15:47:46
Description
- A race condition was found in the Linux kernel in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
+ A race condition was found in the Linux kernel before version 5.12.4 in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
References
https://www.openwall.com/lists/oss-security/2021/04/18/2
https://www.openwall.com/lists/oss-security/2021/05/10/3
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/sctp/socket.c?h=v5.12.4&id=f7a805d1bb53c61d9539e5801af564958d1974d7
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=f7a805d1bb53c61d9539e5801af564958d1974d7
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/sctp/socket.c?h=v5.10.37&id=42f1b8653f85924743ea5b57b051a4e1f05b5e43
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=42f1b8653f85924743ea5b57b051a4e1f05b5e43
CVE-2021-23133 edited at 14 May 2021 15:40:59
References
https://www.openwall.com/lists/oss-security/2021/04/18/2
https://www.openwall.com/lists/oss-security/2021/05/10/3
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34e5b01186858b36c4d7c87e1a025071e8e2401f
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/sctp/socket.c?h=v5.12.4&id=f7a805d1bb53c61d9539e5801af564958d1974d7
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/sctp/socket.c?h=v5.10.37&id=42f1b8653f85924743ea5b57b051a4e1f05b5e43
CVE-2021-23133 edited at 11 May 2021 15:46:40
References
https://www.openwall.com/lists/oss-security/2021/04/18/2
https://www.openwall.com/lists/oss-security/2021/05/10/3
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/sctp/socket.c?id=34e5b01186858b36c4d7c87e1a025071e8e2401f
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34e5b01186858b36c4d7c87e1a025071e8e2401f
CVE-2021-23133 edited at 10 May 2021 08:51:01
Description
- A race condition was found in the Linux kernel before version 5.11.16 in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
+ A race condition was found in the Linux kernel in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
References
https://www.openwall.com/lists/oss-security/2021/04/18/2
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=59b5f3e478dbcb4c384cf0888d6cc9f5cad79f2f
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=5a627026be4a17e5b9db23558cd28e62b2cbc66e
+ https://www.openwall.com/lists/oss-security/2021/05/10/3
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/sctp/socket.c?id=34e5b01186858b36c4d7c87e1a025071e8e2401f
CVE-2021-23133 edited at 21 Apr 2021 14:09:25
Description
- A race condition was found in the Linux kernel in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
+ A race condition was found in the Linux kernel before version 5.11.16 in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
References
https://www.openwall.com/lists/oss-security/2021/04/18/2
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=59b5f3e478dbcb4c384cf0888d6cc9f5cad79f2f
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=5a627026be4a17e5b9db23558cd28e62b2cbc66e
CVE-2021-23133 edited at 18 Apr 2021 10:01:27
Remote
- Remote
+ Local
Type
- Incorrect calculation
+ Privilege escalation
Description
- A race condition was found in the Linux kernel in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking.
+ A race condition was found in the Linux kernel in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking. This can lead to kernel privilege escalation from the context of a network service or from an unprivileged process if certain conditions are met.
References
+ https://www.openwall.com/lists/oss-security/2021/04/18/2
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b
CVE-2021-23133 edited at 18 Apr 2021 09:34:46
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Incorrect calculation
Description
+ A race condition was found in the Linux kernel in sctp_destroy_sock. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking.
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b
CVE-2021-23133 created at 18 Apr 2021 09:32:18
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes