#VU91467 Race condition in Linux kernel - CVE-2021-47248


Vulnerability identifier: #VU91467

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47248

CWE-ID: CWE-362

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the udpv6_destroy_sock() function in net/ipv6/udp.c and within the udp_destroy_sock() and udp_abort() functions in net/ipv4/udp.c. A local user can escalate privileges on the system.

Mitigation
Install the update from the vendor's website.

Vulnerable software versions

Linux kernel: All versions


External links
https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f
https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e
https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad
https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56
https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac
https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241
https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

