PT-2024-11038 · Linux+4 · Linux Kernel+4

Qingyu Li

Published

2021-03-01

Updated

2024-10-09

CVE-2021-4442

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel related to the TCP QUEUE SEQ option. The issue was reported by Qingyu Li, who found a syzkaller bug that changes the RCV SEQ after restoring data in the receive queue. This should not be allowed, as TCP QUEUE SEQ should only be used when queues are empty. The patch fixes this case and the tx path as well. The vulnerability can be exploited locally, allowing an attacker to gain elevated privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2025-02863

CESA-2021_4356

CVE-2021-4442

RHSA-2021:4356

RHSA-2021_4356

SUSE-SU-2024:3566-1

SUSE-SU-2024_3566-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2024-11038 · Linux+4 · Linux Kernel+4

CVE-2021-4442

Weakness Enumeration

Related Identifiers

Affected Products

References · 216