CVE-2021-3640 log

Severity Medium
Remote No
Type Arbitrary code execution
A use after free vulnerability has been found in sco_send_frame() in the Bluetooth stack of the Linux kernel before version 5.15.3, similar to CVE-2021-3573. A local attacker with CAP_NET_ADMIN privilege could exploit it to execute arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-2588 linux-hardened 5.14.18.hardened1-1 5.14.21.hardened1-1 Medium Fixed
AVG-2571 linux-zen 5.15.2.zen1-1 5.15.3.zen1-1 Medium Fixed
AVG-2570 linux 5.15.2.arch1-1 5.15.3.arch1-1 Medium Fixed
AVG-2568 linux-lts 5.10.79-1 5.10.80-1 Medium Fixed