CVE-2021-23134

Name
CVE-2021-23134
Description
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d
MISC https://www.openwall.com/lists/oss-security/2021/05/11/4
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QALNQT4LJFVSSA3MWCIECVY4AFPP4X77/
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZYORWNQIHNWRFYRDXBWYWBYM46PDZEN/
Mailing List https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html
Mailing List https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
Third Party Advisory https://security.netapp.com/advisory/ntap-20210625-0007/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= None < 5.12.4

Vulnerable and fixed packages

Source package Branch Version Maintainer Status