CVE-2021-3640
Description
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
Risk Information
Base Score
7.0
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.004
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2021:14849-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.132.1.i586.rpm | Linux |
| SUSE-SU-2021:14849-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.132.1.x86_64.rpm | Linux |
| SUSE-SU-2021:14849-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.132.1.i586.rpm | Linux |
| SUSE-SU-2021:14849-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.132.1.x86_64.rpm | Linux |
| SUSE-SU-2021:14849-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.132.1.i586.rpm | Linux |
| SUSE-SU-2021:14849-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.132.1.x86_64.rpm | Linux |
| Linux kernel (USN-5265-1) linux-image-aws_5.13.0.1012.13_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-aws_5.13.0.1015.16~20.04.8_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-gcp_5.13.0.1013.12_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-gcp_5.13.0.1015.18~20.04.2_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-gke_5.13.0.1013.12_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-kvm_5.13.0.1011.11_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oracle_5.13.0.1016.16_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oracle_5.13.0.1019.23~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-generic_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-virtual_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oem-20.04_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-lowlatency_5.13.0.28.38_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-oem-20.04c_5.13.0.1029.31_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.11.0-1029-gcp_5.11.0-1029.33~20.04.3_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1011-kvm_5.13.0-1011.12_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1012-aws_5.13.0-1012.13_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1013-gcp_5.13.0-1013.16_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1029-oem_5.13.0-1029.36_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-generic_5.13.0-28.31_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-generic_5.13.0-28.31~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-generic-hwe-20.04_5.13.0.28.31~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-virtual-hwe-20.04_5.13.0.28.31~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.11.0-1028-oracle_5.11.0-1028.31~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-1016-oracle_5.13.0-1016.20_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-lowlatency_5.13.0-28.31_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-5.13.0-28-lowlatency_5.13.0-28.31~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5265-1) linux-image-lowlatency-hwe-20.04_5.13.0.28.31~20.04.15_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-kvm_4.15.0.1106.102_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-generic_4.15.0.167.156_i386.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-generic_4.15.0.167.156_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-virtual_4.15.0.167.156_i386.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-virtual_4.15.0.167.156_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-dell300x_4.15.0.1034.36_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-lowlatency_4.15.0.167.156_i386.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-lowlatency_4.15.0.167.156_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-aws-lts-18.04_4.15.0.1119.122_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-gcp-lts-18.04_4.15.0.1115.134_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-1106-kvm_4.15.0-1106.108_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-1115-gcp_4.15.0-1115.129_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-oracle-lts-18.04_4.15.0.1086.96_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-1086-oracle_4.15.0-1086.94_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-167-generic_4.15.0-167.175_i386.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-167-generic_4.15.0-167.175_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-1034-dell300x_4.15.0-1034.39_amd64.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-167-lowlatency_4.15.0-167.175_i386.deb | Linux |
| Linux kernel (USN-5268-1) linux-image-4.15.0-167-lowlatency_4.15.0-167.175_amd64.deb | Linux |
| Kernel-uek update (ELSA-2022-9147) kernel-uek-5.4.17-2136.304.4.1.el8uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2022-9147) kernel-uek-debug-5.4.17-2136.304.4.1.el8uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2022-9147) kernel-uek-debug-devel-5.4.17-2136.304.4.1.el8uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2022-9147) kernel-uek-devel-5.4.17-2136.304.4.1.el8uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2022-9147) kernel-uek-doc-5.4.17-2136.304.4.1.el8uek.noarch.rpm | Linux |
| Kernel-uek-container update (ELSA-2022-9148) kernel-uek-container-5.4.17-2136.304.4.1.el8.x86_64.rpm | Linux |
| Kernel-uek-container-debug update (ELSA-2022-9148) kernel-uek-container-debug-5.4.17-2136.304.4.1.el8.x86_64.rpm | Linux |
| Kernel-uek update (ELSA-2022-9179) kernel-uek-4.14.35-2047.511.5.2.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2022-9179) kernel-uek-debug-4.14.35-2047.511.5.2.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2022-9179) kernel-uek-debug-devel-4.14.35-2047.511.5.2.el7uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2022-9179) kernel-uek-devel-4.14.35-2047.511.5.2.el7uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2022-9179) kernel-uek-doc-4.14.35-2047.511.5.2.el7uek.noarch.rpm | Linux |
| Kernel-uek-tools update (ELSA-2022-9179) kernel-uek-tools-4.14.35-2047.511.5.2.el7uek.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update bpftool-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-425.3.1.el8.noarch.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-core-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-425.3.1.el8.noarch.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update perf-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| (RHSA-2022:7683) kernel security, bug fix, and enhancement update python3-perf-4.18.0-425.3.1.el8.x86_64.rpm | Linux |
| Linux kernel (USN-5265-1) linux-image-5.11.0-1028-azure_5.11.0-1028.31~20.04.2_amd64.deb | Linux |
| Linux kernel (USN-5267-1) linux-image-5.4.0-1068-azure_5.4.0-1068.71_amd64.deb | Linux |
| Linux kernel (USN-5267-1) linux-image-5.4.0-1068-azure_5.4.0-1068.71~18.04.1_amd64.deb | Linux |
| kernel Security Update (ALAS-2021-1727) kernel-livepatch-4.14.256-197.484-1.0-0.amzn2.x86_64.rpm | Linux |
| kernel Security Update (ALAS2-2025-2752) kernel-livepatch-4.14.256-197.484-1.0-0.amzn2.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234