A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2022/06/01/2 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2022/06/04/2 | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2022/06/07/2 | Mailing List Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2036682 | Issue Tracking Patch Third Party Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102 | Exploit Patch Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406 | Exploit Patch Vendor Advisory |
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15 | Exploit Patch Vendor Advisory |
https://security.netapp.com/advisory/ntap-20220513-0002/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Aug 2023, 17:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:* |
06 Oct 2022, 02:25
Type | Values Removed | Values Added |
---|---|---|
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/06/07/2 - Mailing List, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/06/01/2 - Mailing List, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2022/06/04/2 - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220513-0002/ - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.0 |
07 Jun 2022, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Jun 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Jun 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 May 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Apr 2022, 15:12
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15 - Exploit, Patch, Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2036682 - Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406 - Exploit, Patch, Vendor Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102 - Exploit, Patch, Vendor Advisory | |
CPE | cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 6.6
v3 : 7.0 |
CWE | CWE-416 CWE-362 |
|
First Time |
Linux linux Kernel
Linux |
25 Mar 2022, 19:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-25 19:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-4202
Mitre link : CVE-2021-4202
CVE.ORG link : CVE-2021-4202
JSON object : View
Products Affected
linux
- linux_kernel