CVE-2021-3573 - log back

CVE-2021-3573 edited at 10 Jun 2021 19:24:35
References
https://www.openwall.com/lists/oss-security/2021/06/08/2
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.10&id=7422eadcf201f2e25eb45b46ffc900fc4214e14f
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.43&id=74caf718cc7422a957aac381c73d798c0a999a65
CVE-2021-3573 edited at 08 Jun 2021 11:49:17
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A use after free vulnerability has been found in the hci_sock_bound_ioctl() function of the Linux kernel. It can allow attackers to corrupt kernel heaps (kmalloc-8k to be specific) and adopt further exploitations.
References
+ https://www.openwall.com/lists/oss-security/2021/06/08/2
+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52
CVE-2021-3573 created at 08 Jun 2021 11:46:18
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes