CVE-2021-33034 - log back

CVE-2021-33034 edited at 15 May 2021 07:28:55
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
References
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=c026c3dc3947c714a19779d0a6c596b55e63685d
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.21&id=7064d5651ba08adbcd3d8a2fc78f8a117a768935
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=1d7bd87a2c8d264ca3e5c9ba6f3eafc23e994028
CVE-2021-33034 created at 15 May 2021 07:26:40
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes