Уязвимость CVE-2021-23134: Информация
Описание
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Важность: HIGH (7,8) Вектор: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Исправленные пакеты
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d |
|
https://www.openwall.com/lists/oss-security/2021/05/11/4 |
|
[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update |
|
[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update |
|
https://security.netapp.com/advisory/ntap-20210625-0007/ |
|
FEDORA-2021-286375de1e | |
FEDORA-2021-05152dbcf5 |