Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-47356 |
CWE-ID | CWE-416 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU90134
Risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47356
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the HFC_cleanup() function in drivers/isdn/hardware/mISDN/hfcpci.c. A local user can escalate privileges on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe
http://git.kernel.org/stable/c/54ff3202928952a100c477248e65ac6db01258a7
http://git.kernel.org/stable/c/7867ddc5f3de7f289aee63233afc0df4b62834c5
http://git.kernel.org/stable/c/5f2818185da0fe82a932f0856633038b66faf124
http://git.kernel.org/stable/c/3ecd228c636ee17c14662729737fa07242a93cb0
http://git.kernel.org/stable/c/b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d
http://git.kernel.org/stable/c/61370ff07e0acc657559a8fac02551dfeb9d3020
http://git.kernel.org/stable/c/ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda
http://git.kernel.org/stable/c/009fc857c5f6fda81f2f7dd851b2d54193a8e733
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.