CVE-2021-23134 - log back

CVE-2021-23134 edited at 14 May 2021 22:11:38
References
https://www.openwall.com/lists/oss-security/2021/05/11/4
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=18175fe17ae043a0b81e5d511f8817825784c299
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.21&id=374cdde4dcc9c909a60713abdbbf96d5e3e09f91
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=6b7021ed36dabf29e56842e3408781cd3b82ef6e
CVE-2021-23134 edited at 14 May 2021 15:48:02
Description
- A use after free security issue has been found in the Linux kernel in the implementation of nfc sockets (in net/nfc/llcp_sock.c), allowing local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
+ A use after free security issue has been found in the Linux kernel before version 5.12.4 in the implementation of nfc sockets (in net/nfc/llcp_sock.c), allowing local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
References
https://www.openwall.com/lists/oss-security/2021/05/11/4
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/nfc/llcp_sock.c?h=v5.12.4&id=18175fe17ae043a0b81e5d511f8817825784c299
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=18175fe17ae043a0b81e5d511f8817825784c299
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/nfc/llcp_sock.c?h=v5.10.37&id=6b7021ed36dabf29e56842e3408781cd3b82ef6e
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=6b7021ed36dabf29e56842e3408781cd3b82ef6e
CVE-2021-23134 edited at 14 May 2021 15:42:14
References
https://www.openwall.com/lists/oss-security/2021/05/11/4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/nfc/llcp_sock.c?h=v5.12.4&id=18175fe17ae043a0b81e5d511f8817825784c299
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net/nfc/llcp_sock.c?h=v5.10.37&id=6b7021ed36dabf29e56842e3408781cd3b82ef6e
CVE-2021-23134 edited at 13 May 2021 09:57:39
Description
- A use after free security issue has been found in the Linux kernel in the implementation of nfc sockets (in net/nfc/llcp_sock.c). This can lead to kernel privilege escalation from the context of an unprivileged user.
+ A use after free security issue has been found in the Linux kernel in the implementation of nfc sockets (in net/nfc/llcp_sock.c), allowing local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
CVE-2021-23134 edited at 11 May 2021 13:00:28
Type
- Arbitrary code execution
+ Privilege escalation
Description
- A use after free security issue has been found in the Linux kernel in llcp_sock_bind() and llcp_sock_connect().
+ A use after free security issue has been found in the Linux kernel in the implementation of nfc sockets (in net/nfc/llcp_sock.c). This can lead to kernel privilege escalation from the context of an unprivileged user.
References
+ https://www.openwall.com/lists/oss-security/2021/05/11/4
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6
CVE-2021-23134 edited at 10 May 2021 08:41:19
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A use after free security issue has been found in the Linux kernel in llcp_sock_bind() and llcp_sock_connect().
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6
CVE-2021-23134 created at 10 May 2021 08:39:34
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes