CVE-2021-33034 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.

Group	Package	Affected	Fixed	Severity	Status
AVG-1961	linux-lts	5.10.36-2	5.10.37-1	Medium	Fixed
AVG-1960	linux-hardened	5.11.20.hardened1-2	5.11.21.hardened1-1	Medium	Fixed
AVG-1959	linux-zen	5.12.3.zen2-1	5.12.4.zen1-1	Medium	Fixed
AVG-1958	linux	5.12.3.arch2-1	5.12.4.arch1-1	Medium	Fixed

References
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=c026c3dc3947c714a19779d0a6c596b55e63685d https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.21&id=7064d5651ba08adbcd3d8a2fc78f8a117a768935 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=1d7bd87a2c8d264ca3e5c9ba6f3eafc23e994028

References

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=c026c3dc3947c714a19779d0a6c596b55e63685d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.21&id=7064d5651ba08adbcd3d8a2fc78f8a117a768935
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=1d7bd87a2c8d264ca3e5c9ba6f3eafc23e994028