CVE-2021-3752: Race Condition
First published: Tue Aug 31 2021(Updated: )
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel-rt | <0:3.10.0-1160.59.1.rt56.1200.el7 | 0:3.10.0-1160.59.1.rt56.1200.el7 |
| redhat/kernel | <0:3.10.0-1160.59.1.el7 | 0:3.10.0-1160.59.1.el7 |
| redhat/kernel-rt | <0:4.18.0-372.9.1.rt7.166.el8 | 0:4.18.0-372.9.1.rt7.166.el8 |
| redhat/kernel | <0:4.18.0-372.9.1.el8 | 0:4.18.0-372.9.1.el8 |
| Linux Linux kernel | >=2.6.12<4.4.293 | |
| Linux Linux kernel | >=4.5<4.9.291 | |
| Linux Linux kernel | >=4.10<4.14.256 | |
| Linux Linux kernel | >=4.15<4.19.218 | |
| Linux Linux kernel | >=4.20<5.4.160 | |
| Linux Linux kernel | >=5.5<5.10.80 | |
| Linux Linux kernel | >=5.11<5.14.19 | |
| Linux Linux kernel | >=5.15<5.15.3 | |
| Redhat 3scale | =2.0 | |
| Redhat Virtualization Host | =4.0 | |
| Fedoraproject Fedora | =34 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux For Real Time | =7 | |
| Redhat Enterprise Linux For Real Time For Nfv | =7 | |
| Netapp Baseboard Management Controller H300s Firmware | ||
| Netapp Baseboard Management Controller H300s | ||
| Netapp Baseboard Management Controller H500s Firmware | ||
| Netapp Baseboard Management Controller H500s | ||
| Netapp Baseboard Management Controller H700s Firmware | ||
| Netapp Baseboard Management Controller H700s | ||
| Netapp Baseboard Management Controller H300e Firmware | ||
| Netapp Baseboard Management Controller H300e | ||
| Netapp Baseboard Management Controller H500e Firmware | ||
| Netapp Baseboard Management Controller H500e | ||
| Netapp Baseboard Management Controller H700e Firmware | ||
| Netapp Baseboard Management Controller H700e | ||
| Netapp Baseboard Management Controller H410s Firmware | ||
| Netapp Baseboard Management Controller H410s | ||
| Netapp Baseboard Management Controller H410c Firmware | ||
| Netapp Baseboard Management Controller H410c | ||
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Oracle Communications Cloud Native Core Binding Support Function | =22.1.3 | |
| Oracle Communications Cloud Native Core Network Exposure Function | =22.1.1 | |
| Oracle Communications Cloud Native Core Policy | =22.2.0 | |
| redhat/kernel | <5.15.3 | 5.15.3 |
| All of | ||
| Netapp H300s | ||
| Netapp H300s Firmware | ||
| All of | ||
| Netapp H500s | ||
| Netapp H500s Firmware | ||
| All of | ||
| Netapp H700s | ||
| Netapp H700s Firmware | ||
| All of | ||
| Netapp H300e | ||
| Netapp H300e Firmware | ||
| All of | ||
| Netapp H500e | ||
| Netapp H500e Firmware | ||
| All of | ||
| Netapp H700e | ||
| Netapp H700e Firmware | ||
| All of | ||
| Netapp H410s | ||
| Netapp H410s Firmware | ||
| All of | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| Netapp H300s | ||
| Netapp H300s Firmware | ||
| Netapp H500s | ||
| Netapp H500s Firmware | ||
| Netapp H700s | ||
| Netapp H700s Firmware | ||
| Netapp H300e | ||
| Netapp H300e Firmware | ||
| Netapp H500e | ||
| Netapp H500e Firmware | ||
| Netapp H700e | ||
| Netapp H700e Firmware | ||
| Netapp H410s | ||
| Netapp H410s Firmware | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.112-1 6.11.5-1 6.11.7-1 |
Remedy
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation baser or stability. The possible solution is to disable Bluetooth completely: https://access.redhat.com/solutions/2682931
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-3752 https://nvd.nist.gov/vuln/detail/CVE-2021-3752 https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/ https://www.openwall.com/lists/oss-security/2021/09/15/4
- https://bugzilla.redhat.com/show_bug.cgi?id=1999544
- https://access.redhat.com/errata/RHSA-2022:0622
- https://access.redhat.com/errata/RHSA-2022:0620
- https://access.redhat.com/errata/RHSA-2022:1975
- https://access.redhat.com/errata/RHSA-2022:1988
- https://access.redhat.com/security/cve/cve-2021-3752
- https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
- https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
- https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/
- https://security.netapp.com/advisory/ntap-20220318-0009/
- https://www.debian.org/security/2022/dsa-5096
- https://www.openwall.com/lists/oss-security/2021/09/15/4
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://launchpad.net/bugs/cve/CVE-2021-3752
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2004506
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1999544#c12
- https://packages.qa.debian.org/l/linux/news/20211209T191708Z.html
- https://lore.kernel.org/lkml/20210714031733.1395549-1-bobo.shaobowang@huawei.com/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1999544#c13
- https://lore.kernel.org/lkml/20210714031733.1395549-1-bobo.shaobowang@huawei
- https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/
- https://security-tracker.debian.org/tracker/CVE-2021-3752
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3752
- https://nvd.nist.gov/vuln/detail/CVE-2021-3752
- https://ubuntu.com/security/CVE-2021-3752
Parent vulnerabilities
(Appears in the following advisories)
- collector/redhat-cve
- collector/nvd-index
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/type
- agent/remedy
- agent/author
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-3752
- agent/software-canonical-lookup
- agent/weakness
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- package-manager/redhat
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/2.6.12
- version/linux linux kernel/4.5
- version/linux linux kernel/4.10
- version/linux linux kernel/4.15
- version/linux linux kernel/4.20
- version/linux linux kernel/5.5
- version/linux linux kernel/5.11
- version/linux linux kernel/5.15
- vendor/redhat
- canonical/redhat 3scale
- version/redhat 3scale/2.0
- canonical/redhat virtualization host
- version/redhat virtualization host/4.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- version/redhat enterprise linux/8.0
- canonical/redhat enterprise linux for real time
- version/redhat enterprise linux for real time/7
- canonical/redhat enterprise linux for real time for nfv
- version/redhat enterprise linux for real time for nfv/7
- vendor/netapp
- canonical/netapp baseboard management controller h300s firmware
- canonical/netapp baseboard management controller h300s
- canonical/netapp baseboard management controller h500s firmware
- canonical/netapp baseboard management controller h500s
- canonical/netapp baseboard management controller h700s firmware
- canonical/netapp baseboard management controller h700s
- canonical/netapp baseboard management controller h300e firmware
- canonical/netapp baseboard management controller h300e
- canonical/netapp baseboard management controller h500e firmware
- canonical/netapp baseboard management controller h500e
- canonical/netapp baseboard management controller h700e firmware
- canonical/netapp baseboard management controller h700e
- canonical/netapp baseboard management controller h410s firmware
- canonical/netapp baseboard management controller h410s
- canonical/netapp baseboard management controller h410c firmware
- canonical/netapp baseboard management controller h410c
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/oracle
- canonical/oracle communications cloud native core binding support function
- version/oracle communications cloud native core binding support function/22.1.3
- canonical/oracle communications cloud native core network exposure function
- version/oracle communications cloud native core network exposure function/22.1.1
- canonical/oracle communications cloud native core policy
- version/oracle communications cloud native core policy/22.2.0
- canonical/netapp h300s
- canonical/netapp h300s firmware
- canonical/netapp h500s
- canonical/netapp h500s firmware
- canonical/netapp h700s
- canonical/netapp h700s firmware
- canonical/netapp h300e
- canonical/netapp h300e firmware
- canonical/netapp h500e
- canonical/netapp h500e firmware
- canonical/netapp h700e
- canonical/netapp h700e firmware
- canonical/netapp h410s
- canonical/netapp h410s firmware
- canonical/netapp h410c firmware
- canonical/netapp h410c
- package-manager/debian