PT-2021-7360 · Linux+5 · Linux Kernel+5
Syzbot · Published 2021-05-18 · Updated 2025-09-29 · CVE-2021-42008
CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.13.13
Description
The issue is related to a slab out-of-bounds write in the decode_data function of the drivers/net/hamradio/6pack.c component in the Linux kernel. This can be exploited to gain access to confidential data, compromise data integrity, and cause a denial of service. Input from a process with the CAP_NET_ADMIN capability can lead to root access. The vulnerability is a 16-year-old heap OOB write in the N_6PACK tty line discipline.
Recommendations
For Linux kernel versions prior to 5.13.13, update to version 5.13.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the decode_data function in the drivers/net/hamradio/6pack.c component until a patch is available. Additionally, limiting the use of the CAP_NET_ADMIN capability can help minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
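A host triage check for the recommendations above, added here as an example and not taken from the advisory or the kernel project. It assumes the driver is built as a module named 6pack and compares only the upstream version number, so a distribution kernel with a backported fix still needs to be confirmed against the vendor's advisory.

```bash
#!/bin/sh
# Added triage sketch for CVE-2021-42008; not part of the advisory.
# Assumptions: the driver builds as a module named "6pack", and the upstream
# version number is compared as-is (distribution kernels may carry a
# backported fix under an older number, so confirm with the vendor advisory).

FIXED="5.13.13"   # first fixed release named in the advisory

# "5.10.0-8-amd64" -> "5.10.0": drop any distribution suffix.
base_version() {
    printf '%s\n' "$1" | sed -E 's/^([0-9]+(\.[0-9]+){0,2}).*/\1/'
}

# Succeeds when kernel release $1 is older than $FIXED.
older_than_fixed() {
    v=$(base_version "$1")
    [ "$v" != "$FIXED" ] &&
        [ "$(printf '%s\n%s\n' "$v" "$FIXED" | sort -V | head -n 1)" = "$v" ]
}

# Succeeds when a /proc/modules-format file ($1) lists the 6pack module.
module_loaded() {
    [ -r "$1" ] && awk '$1 == "6pack" { f = 1 } END { exit !f }' "$1"
}

# Prints one status word for kernel release $1 and modules file $2.
triage() {
    if ! older_than_fixed "$1"; then
        echo "at-or-above-fixed-version"
    elif module_loaded "$2"; then
        echo "below-fixed-version-6pack-loaded"
    else
        echo "below-fixed-version-6pack-not-loaded"
    fi
}

# Check the running host.
echo "kernel $(uname -r): $(triage "$(uname -r)" /proc/modules)"
```

A "not-loaded" result describes only the current state; the module may still be present on disk.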
Affected Products
ALT Linux
Astra Linux
Linux Mint
Linux Kernel
SUSE
Ubuntu