PT-2021-4240 · Linux+8 · Linux Kernel+8
Lin Ma · Published 2021-05-31 · Updated 2023-07-02 · CVE-2021-3573
CVSS v2.0: 6.9 (Medium)
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.13-rc5
Description
A use-after-free in the function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found. This occurs when a user calls ioctl HCIUNBLOCKADDR or triggers a race condition with the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), or hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
Recommendations
For Linux kernel versions prior to 5.13-rc5, update to version 5.13-rc5 or later to resolve the issue. As a temporary workaround, consider restricting access to the hci_sock_bound_ioctl() function and limiting the use of ioctl HCIUNBLOCKADDR until a patch is available. Additionally, restricting the use of hci_unregister_dev() and related functions may help minimize the risk of exploitation.
Exploit
Fix
Race Condition
Use After Free
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu