CVE-2021-23134— Linux kernel llcp_sock_bind/connect use-after-free
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-23134
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Linux kernel llcp_sock_bind/connect use-after-free
Source: NVD (National Vulnerability Database)
Vulnerability Description
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
释放后使用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux Kernel 5.12.2版本之前存在安全漏洞。该漏洞允许本地攻击者提升特权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Linux Kernel | Linux Kernel | unspecified ~ 5.12.4 | - |
II. Public POCs for CVE-2021-23134
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-23134
请登录查看更多情报信息。
- https://www.openwall.com/lists/oss-security/2021/05/11/4x_refsource_MISC
- https://security.netapp.com/advisory/ntap-20210625-0007/x_refsource_CONFIRM
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZYORWNQIHNWRFYRDXBWYWBYM46PDZEN/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QALNQT4LJFVSSA3MWCIECVY4AFPP4X77/vendor-advisoryx_refsource_FEDORA
- https://nvd.nist.gov/vuln/detail/CVE-2021-23134
IV. Related Vulnerabilities
Same product: Linux Kernel
- CVE-2024-24864
Race condition vulnerability in Linux kernel media/dvb-core - CVE-2024-24857
Race condition vulnerability in Linux kernel bluetooth in co - CVE-2024-24858
Race condition vulnerability in Linux kernel net/bluetooth i - CVE-2024-24859
Race condition vulnerability in Linux kernel bluetooth sniff - CVE-2024-24860
Race condition vulnerability in Linux kernel bluetooth drive
Same vendor: Linux Kernel
- CVE-2022-2785
Arbitrary Memory read in BPF Linux Kernel - CVE-2022-2503
Linux Kernel LoadPin bypass via dm-verity table reload - CVE-2022-2327
Use-after-free in io_uring ad work_flags in Linux Kernel - CVE-2021-22600
Double Free in net/packet/af_packet.c leading to priviledge - CVE-2021-22543
Improper memory handling in Linux KVM
V. Comments for CVE-2021-23134
No comments yet