SB20240531180 - Use-after-free in Linux kernel net sctp
Published: May 31, 2024 Updated: May 14, 2025
Security Bulletin ID
SB20240531180
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Use-after-free (CVE-ID: CVE-2021-46929)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sctp_transport_lookup_process() and sctp_transport_get_idx() functions in net/sctp/socket.c, within the sctp_sock_dump() and sctp_sock_filter() functions in net/sctp/sctp_diag.c, within the sctp_endpoint_free() and sctp_endpoint_destroy() functions in net/sctp/endpointola.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/8873140f95d4977bf37e4cf0d5c5e3f6e34cdd3e
- https://git.kernel.org/stable/c/af6e6e58f7ebf86b4e7201694b1e4f3a62cbc3ec
- https://git.kernel.org/stable/c/831de271452b87657fcf8d715ee20519b79caef5
- https://git.kernel.org/stable/c/769d14abd35e0e153b5149c3e1e989a9d719e3ff
- https://git.kernel.org/stable/c/75799e71df1da11394740b43ae5686646179561d
- https://git.kernel.org/stable/c/5ec7d18d1813a5bead0b495045606c93873aecbb
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.261
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.224
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.170