Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-4202

UNKNOWN
Published 2022-03-25T18:02:45
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-4202. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-gqgp-hh7h-fh5j

Advisory Details

A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed, leading to a privilege escalation problem.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-4202
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2036682
WEB https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102
WEB https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406
WEB https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15
WEB https://security.netapp.com/advisory/ntap-20220513-0002
WEB http://www.openwall.com/lists/oss-security/2022/06/01/2
WEB http://www.openwall.com/lists/oss-security/2022/06/04/2
WEB http://www.openwall.com/lists/oss-security/2022/06/07/2

Advisory provided by GitHub Security Advisory Database. Published: March 26, 2022, Modified: April 8, 2022

References

https://bugzilla.redhat.com/show_bug.cgi?id=2036682
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15
https://security.netapp.com/advisory/ntap-20220513-0002/
http://www.openwall.com/lists/oss-security/2022/06/01/2
http://www.openwall.com/lists/oss-security/2022/06/04/2
http://www.openwall.com/lists/oss-security/2022/06/07/2
Published: 2022-03-25T18:02:45
Last Modified: 2024-08-03T17:16:04.245Z
Copied to clipboard!