#VU63383 NULL pointer dereference in Linux kernel - CVE-2021-38208

Cybersecurity Help s.r.o.

Published: 2022-05-18

Vulnerability identifier: #VU63383

Vulnerability risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-38208

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the net/nfc/llcp_sock.c component. A remote attacker can make getsockname call and perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.12 - 5.12.4

External links
https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10
https://www.openwall.com/lists/oss-security/2021/08/17/1
https://www.openwall.com/lists/oss-security/2021/08/17/2
https://bugzilla.redhat.com/show_bug.cgi?id=1992810
https://www.openwall.com/lists/oss-security/2021/08/24/2

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell Storage Monitoring and Reporting (SMR)

Multiple vulnerabilities in DELL Secure Connect Gateway Security

SUSE update for the Linux Kernel