#VU91059 Use-after-free in Linux kernel - CVE-2021-47358

Cybersecurity Help s.r.o.

Published: 2024-06-04

Vulnerability identifier: #VU91059

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47358

CWE-ID: CWE-416

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gbphy_runtime_put_autosuspend(), gb_uart_probe() and gb_uart_remove() functions in drivers/staging/greybus/uart.c. A local user can escalate privileges on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/92b67aaafb7c449db9f0c3dcabc0ff967cb3a42d
https://git.kernel.org/stable/c/64062fcaca8872f063ec9da011e7bf30470be33f
https://git.kernel.org/stable/c/a5cfd51f6348e8fd7531461366946039c29c7e69
https://git.kernel.org/stable/c/4dc56951a8d9d61d364d346c61a5f1d70b4f5e14
https://git.kernel.org/stable/c/b9e697e60ce9890e9258a73eb061288e7d68e5e6
https://git.kernel.org/stable/c/9872ff6fdce8b229f01993b611b5d1719cb70ff1
https://git.kernel.org/stable/c/92dc0b1f46e12cfabd28d709bb34f7a39431b44f

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Use-after-free in Linux kernel staging greybus driver