SB2024050840 - Denial of service in Linux kernel Phonet
Published: May 8, 2024 Updated: May 14, 2025
Security Bulletin ID
SB2024050840
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) State Issues (CVE-ID: CVE-2021-47086)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of the socket state within the pep_ioctl() function in net/phonet/pep.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0bbdd62ce9d44f3a22059b3d20a0df977d9f6d59
- https://git.kernel.org/stable/c/b10c7d745615a092a50c2e03ce70446d2bec2aca
- https://git.kernel.org/stable/c/311601f114859d586d5ef8833d60d3aa23282161
- https://git.kernel.org/stable/c/982b6ba1ce626ef87e5c29f26f2401897554f235
- https://git.kernel.org/stable/c/48c76fc53582e7f13c1e0b11c916e503256c4d0b
- https://git.kernel.org/stable/c/52ad5da8e316fa11e3a50b3f089aa63e4089bf52
- https://git.kernel.org/stable/c/53ccdc73eedaf0e922c45b569b797d2796fbaafa
- https://git.kernel.org/stable/c/75a2f31520095600f650597c0ac41f48b5ba0068
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.260
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.223
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.297
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.295
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.89
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.12
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.169