PT-2021-4235 · Linux+5 · Linux Kernel+5

Zheyu Ma

·

Published

2021-04-04

·

Updated

2024-06-15

·

CVE-2021-3483

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.12-rc6
Description A flaw was found in the Nosy driver in the Linux kernel, allowing a device to be inserted twice into a doubly-linked list. This leads to a use-after-free when one of these devices is removed, posing a threat to confidentiality, integrity, and system availability.
Recommendations For versions prior to 5.12-rc6, update to kernel version 5.12-rc6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Nosy driver to minimize the risk of exploitation.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2021-1833
ALT-PU-2021-1888
ALT-PU-2021-1896
ALT-PU-2021-1983
ALT-PU-2021-3481
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6568
BDU:2021-04841
CVE-2021-3483
DLA-2689-1
DLA-2690-1
MGASA-2021-0191
MGASA-2021-0192
OESA-2021-1176
OPENSUSE-SU-2021:0579-1
OPENSUSE-SU-2021:0758-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0579-1
OPENSUSE-SU-2021_0758-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:13704-1
SUSE-SU-2021:1210-1
SUSE-SU-2021:1211-1
SUSE-SU-2021:1238-1
SUSE-SU-2021:1248-1
SUSE-SU-2021:1266-1
SUSE-SU-2021:1301-1
SUSE-SU-2021:14724-1
SUSE-SU-2021:1573-1
SUSE-SU-2021:1596-1
SUSE-SU-2021:1617-1
SUSE-SU-2021:1623-1
SUSE-SU-2021:1624-1
SUSE-SU-2021:1625-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2021_14724-1
USN-4948-1
USN-4979-1
USN-4982-1
USN-4984-1
USN-5299-1
USN-5343-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu