First published: Mon Mar 22 2021
A use-after-free flaw was found in hci_send_acl in the Bluetooth host controller interface (HCI) in the Linux kernel, where a local attacker with access rights could cause a denial of service problem on the system. The issue results from the object hchan being freed in hci_disconn_loglink_complete_evt, yet still used in other places. The highest threat from this vulnerability is to data integrity, confidentiality and system availability.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1160.36.2.rt56.1179.el7 | 0:3.10.0-1160.36.2.rt56.1179.el7 |
redhat/kernel | <0:3.10.0-1160.36.2.el7 | 0:3.10.0-1160.36.2.el7 |
redhat/kernel | <0:3.10.0-327.98.2.el7 | 0:3.10.0-327.98.2.el7 |
redhat/kernel | <0:3.10.0-514.90.2.el7 | 0:3.10.0-514.90.2.el7 |
redhat/kernel | <0:3.10.0-693.90.2.el7 | 0:3.10.0-693.90.2.el7 |
redhat/kernel | <0:3.10.0-957.78.2.el7 | 0:3.10.0-957.78.2.el7 |
redhat/kernel | <0:3.10.0-1062.52.2.el7 | 0:3.10.0-1062.52.2.el7 |
redhat/kernel-rt | <0:4.18.0-305.7.1.rt7.79.el8_4 | 0:4.18.0-305.7.1.rt7.79.el8_4 |
redhat/kernel | <0:4.18.0-305.7.1.el8_4 | 0:4.18.0-305.7.1.el8_4 |
redhat/kernel | <0:4.18.0-147.51.1.el8_1 | 0:4.18.0-147.51.1.el8_1 |
redhat/kernel-rt | <0:4.18.0-193.60.2.rt13.112.el8_2 | 0:4.18.0-193.60.2.rt13.112.el8_2 |
redhat/kernel | <0:4.18.0-193.60.2.el8_2 | 0:4.18.0-193.60.2.el8_2 |
redhat/redhat-virtualization-host | <0:4.3.17-20210713.0.el7_9 | 0:4.3.17-20210713.0.el7_9 |
redhat/redhat-virtualization-host | <0:4.4.7-20210715.1.el8_4 | 0:4.4.7-20210715.1.el8_4 |
Linux Linux kernel | <5.12.4 | |
Fedoraproject Fedora | =34 | |
Debian Debian Linux | =9.0 | |
redhat/kernel | <5.13 | 5.13 |
IBM DRM | <=2.0.6 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.106-3 6.1.112-1 6.11.4-1 6.11.5-1 |
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.