#VU88892 Use-after-free in Linux kernel - CVE-2021-46936

Vulnerability identifier: #VU88892

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-46936

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the inet_init() function in net/ipv4/af_inet.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: before 4.14.261, 4.14.261

---

External links
https://git.kernel.org/stable/c/15579e1301f856ad9385d720c9267c11032a5022
https://git.kernel.org/stable/c/e73164e89d1be561228a4534e1091369ee4ba41a
https://git.kernel.org/stable/c/5c2fe20ad37ff56070ae0acb34152333976929b4
https://git.kernel.org/stable/c/a8e1944b44f94f5c5f530e434c5eaee787254566
https://git.kernel.org/stable/c/fe5838c22b986c1190f1dce9aa09bf6a491c1a69
https://git.kernel.org/stable/c/2386e81a1d277f540e1285565c9d41d531bb69d4
https://git.kernel.org/stable/c/08eacbd141e2495d2fcdde84358a06c4f95cbb13
https://git.kernel.org/stable/c/e22e45fc9e41bf9fcc1e92cfb78eb92786728ef0

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.