PT-2021-4248 · Linux+4 · Linux Kernel+4

Nadav Markus

+1

·

Published

2021-05-04

·

Updated

2025-10-02

·

CVE-2021-23134

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.12.4
Description The issue is related to a Use After Free vulnerability in the NFC sockets of the Linux kernel. This vulnerability can be exploited by a local attacker to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP NET RAW capability. The vulnerability is associated with the use of memory after it has been freed.
Recommendations For Linux kernel versions prior to 5.12.4, update to version 5.12.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of NFC sockets or disabling the CAP NET RAW capability for non-privileged users until a patch is applied.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2021-1805
ALT-PU-2021-1833
ALT-PU-2021-1855
ALT-PU-2021-1856
ALT-PU-2021-1888
ALT-PU-2021-1896
ALT-PU-2021-1912
ALT-PU-2021-1961
ALT-PU-2021-1990
ALT-PU-2021-2370
ALT-PU-2021-2672
ALT-PU-2021-2677
ALT-PU-2021-2678
ALT-PU-2021-2737
ALT-PU-2021-2751
ALT-PU-2021-3481
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6531
BDU:2021-04856
CVE-2021-23134
DLA-2689-1
DLA-2690-1
OESA-2021-1176
OPENSUSE-SU-2021:0843-1
OPENSUSE-SU-2021:0947-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0843-1
OPENSUSE-SU-2021_0947-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
OPENSUSE-SU-2024_1489-1
SUSE-SU-2021:1887-1
SUSE-SU-2021:1888-1
SUSE-SU-2021:1889-1
SUSE-SU-2021:1890-1
SUSE-SU-2021:1891-1
SUSE-SU-2021:1899-1
SUSE-SU-2021:1912-1
SUSE-SU-2021:1913-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2021:2020-1
SUSE-SU-2021:2027-1
SUSE-SU-2021:2057-1
SUSE-SU-2021:2067-1
SUSE-SU-2021:2208-1
SUSE-SU-2021:2406-1
SUSE-SU-2021:2421-1
SUSE-SU-2021:2451-1
SUSE-SU-2021_2020-1
SUSE-SU-2021_2027-1
SUSE-SU-2021_2057-1
SUSE-SU-2021_2067-1
SUSE-SU-2022:0234-1
SUSE-SU-2022:0243-1
SUSE-SU-2022:0255-1
SUSE-SU-2022:0263-1
SUSE-SU-2022:0291-1
SUSE-SU-2022:0293-1
SUSE-SU-2022:0296-1
SUSE-SU-2022:0325-1
SUSE-SU-2022:0327-1
SUSE-SU-2024:1454-1
SUSE-SU-2024:1489-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1870-1
USN-4997-1
USN-4997-2
USN-5000-1
USN-5000-2
USN-5001-1
USN-5016-1
USN-5018-1
USN-5343-1

Affected Products

Alt Linux
Linuxmint
Linux Kernel
Suse
Ubuntu