Vulnerability CVE-2021-23134: Information

Description

Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-23134

Published: May 13, 2021

Modified: Nov. 7, 2023

Error type identifier: CWE-416

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	5.12.4-alt1	6.8.8-alt1	ALT-PU-2021-1833-1	272140	Fixed
kernel-image-mp	p10	5.12.4-alt1	6.1.19-alt1	ALT-PU-2021-1833-1	272140	Fixed
kernel-image-mp	p9	5.12.16-alt1	5.12.16-alt1	ALT-PU-2021-3481-1	279859	Fixed
kernel-image-rpi-def	sisyphus	5.15.25-alt1	5.15.92-alt2	ALT-PU-2022-1419-1	296090	Fixed
kernel-image-rpi-def	p10	5.15.25-alt1	5.15.92-alt2	ALT-PU-2022-1421-1	296181	Fixed
kernel-image-rpi-un	sisyphus	5.12.6-alt1	6.6.23-alt1	ALT-PU-2021-1888-1	273055	Fixed
kernel-image-rpi-un	p10	5.12.6-alt1	6.1.77-alt1	ALT-PU-2021-1888-1	273055	Fixed
kernel-image-rpi-un	p9	5.12.6-alt1	5.12.17-alt1	ALT-PU-2021-1896-1	273084	Fixed
kernel-image-rt	sisyphus	6.1.28-alt1.rt10	6.1.90-alt2.rt30	ALT-PU-2023-1814-1	320645	Fixed
kernel-image-std-debug	sisyphus	5.10.54-alt1	6.1.91-alt1	ALT-PU-2021-2370-1	281272	Fixed
kernel-image-std-def	sisyphus	5.10.41-alt1	6.1.91-alt1	ALT-PU-2021-1912-1	272886	Fixed
kernel-image-std-def	p10	5.10.41-alt1	5.10.216-alt1	ALT-PU-2021-1912-1	272886	Fixed
kernel-image-std-def	p9	5.4.119-alt1	5.4.275-alt1	ALT-PU-2021-1856-1	271835	Fixed
kernel-image-std-def	p8	4.9.270-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2021-1884-1	272597	Fixed
kernel-image-std-def	c9f2	5.10.42-alt0.c9f	5.10.214-alt0.c9f.2	ALT-PU-2021-1961-1	273497	Fixed
kernel-image-std-def	c7	4.4.277-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2021-3033-1	281293	Fixed
kernel-image-un-def	sisyphus	5.11.21-alt1	6.6.31-alt1	ALT-PU-2021-1805-1	271842	Fixed
kernel-image-un-def	sisyphus_riscv64	5.19.16-alt2.rv64	6.6.29-alt1.0.port	ALT-PU-2022-6777-1	-	Fixed
kernel-image-un-def	p10	5.11.21-alt1	6.1.85-alt1	ALT-PU-2021-1805-1	271842	Fixed
kernel-image-un-def	p9	5.10.37-alt1	5.10.216-alt2	ALT-PU-2021-1855-1	271841	Fixed
kernel-image-un-def	p8	4.19.192-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2021-1885-1	272595	Fixed
kernel-image-un-def	c10f1	5.11.21-alt1	6.1.85-alt0.c10f.1	ALT-PU-2021-1805-1	271842	Fixed
kernel-image-un-def	c7	4.9.277-alt0.M70C.1	4.9.277-alt0.M70C.1	ALT-PU-2021-3032-1	281292	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d	Mailing List Patch Vendor Advisory
https://www.openwall.com/lists/oss-security/2021/05/11/4	Mailing List Patch Third Party Advisory
[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update	Mailing List Third Party Advisory
[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20210625-0007/	Third Party Advisory
FEDORA-2021-286375de1e
FEDORA-2021-05152dbcf5

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  End excliding
  5.12.4
  
  Configuration 2
  cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2021-23134: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3