#VU90140 Use-after-free in Linux kernel


Published: 2024-05-31

Vulnerability identifier: #VU90140

Vulnerability risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-47388

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ieee80211_crypto_ccmp_decrypt() and ieee80211_crypto_gcmp_decrypt() functions in net/mac80211/wpa.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel:

External links
http://git.kernel.org/stable/c/447d001b875d0e7f211c4ba004916028da994258
http://git.kernel.org/stable/c/31de381aef0ab1b342f62485118dc8a19363dc78
http://git.kernel.org/stable/c/f556e1d6fb9f2923a9a36f3df638c7d79ba09dbb
http://git.kernel.org/stable/c/3d5d629c99c468458022e9b381789de3595bf4dd
http://git.kernel.org/stable/c/50149e0866a82cef33e680ee68dc380a5bc75d32
http://git.kernel.org/stable/c/57de2dcb18742dc2860861c9f496da7d42b67da0
http://git.kernel.org/stable/c/27d3eb5616ee2c0a3b30c3fa34813368ed1f3dc9
http://git.kernel.org/stable/c/94513069eb549737bcfc3d988d6ed4da948a2de8

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


SUSE update for the Linux Kernel
openEuler 20.03 LTS SP4 update for kernel
Use-after-free in Linux kernel mac80211