PT-2021-4233 · Linux+9 · Linux Kernel+9

Syzbot · Published 2021-03-22 · Updated 2023-05-17 · CVE-2021-33034

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.12.4

Description

The issue is related to a use-after-free in the net/bluetooth/hci_event.c component of the Linux kernel, specifically when destroying an hci_chan. This can lead to writing an arbitrary value, potentially allowing an attacker to execute arbitrary code.

Recommendations

For Linux kernel versions prior to 5.12.4, update to version 5.12.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the net/bluetooth/hci_event.c component until a patch is available.

Exploit

Fix

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2021:2570
ALT-PU-2021-1833
ALT-PU-2021-1888
ALT-PU-2021-1896
ALT-PU-2021-1990
ALT-PU-2021-3481
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6562
BDU:2021-04839
CESA-2021_2563
CESA-2021_2570
CESA-2021_2599
CESA-2021_2725
CVE-2021-33034
DLA-2689-1
DLA-2690-1
MGASA-2021-0214
MGASA-2021-0215
OESA-2021-1176
OPENSUSE-SU-2021:0843-1
OPENSUSE-SU-2021:0947-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0843-1
OPENSUSE-SU-2021_0947-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
RHSA-2021:2563
RHSA-2021:2570
RHSA-2021:2599
RHSA-2021:2666
RHSA-2021:2668
RHSA-2021:2718
RHSA-2021:2719
RHSA-2021:2720
RHSA-2021:2725
RHSA-2021:2726
RHSA-2021:2727
RHSA-2021:2728
RHSA-2021:2729
RHSA-2021:2730
RHSA-2021:2731
RHSA-2021:2732
RHSA-2021:2733
RHSA-2021:2734
RHSA-2021:2736
RHSA-2021:2737
RHSA-2021_2570
RHSA-2021_2599
RHSA-2021_2725
RHSA-2021_2726
RLSA-2021:2570
SUSE-SU-2021:1887-1
SUSE-SU-2021:1888-1
SUSE-SU-2021:1889-1
SUSE-SU-2021:1890-1
SUSE-SU-2021:1891-1
SUSE-SU-2021:1899-1
SUSE-SU-2021:1912-1
SUSE-SU-2021:1913-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2021:2020-1
SUSE-SU-2021:2025-1
SUSE-SU-2021:2026-1
SUSE-SU-2021:2027-1
SUSE-SU-2021:2042-1
SUSE-SU-2021:2057-1
SUSE-SU-2021:2060-1
SUSE-SU-2021:2067-1
SUSE-SU-2021:2198-1
SUSE-SU-2021:2208-1
SUSE-SU-2021:2406-1
SUSE-SU-2021:2421-1
SUSE-SU-2021:2451-1
SUSE-SU-2021:2577-1
USN-4997-1
USN-4997-2
USN-5000-1
USN-5000-2
USN-5001-1
USN-5016-1
USN-5018-1
USN-5299-1
USN-5343-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
Rocky Linux
SUSE
Ubuntu