CVE-2021-4028: Use After Free
First published: Mon Oct 04 2021(Updated: )
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | >=5.10<5.10.71 | |
| Linux Linux kernel | >=5.11<5.14.10 | |
| SUSE Linux Enterprise | =15.0-sp3 | |
| SUSE Linux Enterprise | =15.0-sp4 | |
| redhat/kernel-rt | <0:3.10.0-1160.62.1.rt56.1203.el7 | 0:3.10.0-1160.62.1.rt56.1203.el7 |
| redhat/kernel | <0:3.10.0-1160.62.1.el7 | 0:3.10.0-1160.62.1.el7 |
| redhat/kernel | <0:3.10.0-514.101.1.el7 | 0:3.10.0-514.101.1.el7 |
| redhat/kernel | <0:3.10.0-693.100.1.el7 | 0:3.10.0-693.100.1.el7 |
| redhat/kernel | <0:3.10.0-957.94.1.el7 | 0:3.10.0-957.94.1.el7 |
| redhat/kernel | <0:3.10.0-1062.66.1.el7 | 0:3.10.0-1062.66.1.el7 |
| redhat/kernel-rt | <0:4.18.0-348.23.1.rt7.153.el8_5 | 0:4.18.0-348.23.1.rt7.153.el8_5 |
| redhat/kernel | <0:4.18.0-348.23.1.el8_5 | 0:4.18.0-348.23.1.el8_5 |
| redhat/kernel | <0:4.18.0-147.64.1.el8_1 | 0:4.18.0-147.64.1.el8_1 |
| redhat/kernel-rt | <0:4.18.0-193.75.1.rt13.125.el8_2 | 0:4.18.0-193.75.1.rt13.125.el8_2 |
| redhat/kernel | <0:4.18.0-193.75.1.el8_2 | 0:4.18.0-193.75.1.el8_2 |
| redhat/kernel-rt | <0:4.18.0-305.40.1.rt7.112.el8_4 | 0:4.18.0-305.40.1.rt7.112.el8_4 |
| redhat/kernel | <0:4.18.0-305.40.1.el8_4 | 0:4.18.0-305.40.1.el8_4 |
| redhat/redhat-virtualization-host | <0:4.3.22-20220330.1.el7_9 | 0:4.3.22-20220330.1.el7_9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2021-4028
- https://bugzilla.redhat.com/show_bug.cgi?id=2027201
- https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74
- https://lkml.org/lkml/2021/10/4/697
- https://security.netapp.com/advisory/ntap-20221228-0002/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2032068
- https://access.redhat.com/errata/RHSA-2022:0590
- https://access.redhat.com/errata/RHSA-2022:0629
- https://access.redhat.com/errata/RHSA-2022:0636
- https://access.redhat.com/errata/RHSA-2022:0771
- https://access.redhat.com/errata/RHSA-2022:0772
- https://access.redhat.com/errata/RHSA-2022:0777
- https://access.redhat.com/errata/RHSA-2022:0823
- https://access.redhat.com/errata/RHSA-2022:0851
- https://access.redhat.com/errata/RHSA-2022:0958
- https://access.redhat.com/errata/RHSA-2022:1185
- https://access.redhat.com/errata/RHSA-2022:1198
- https://access.redhat.com/errata/RHSA-2022:1199
- https://access.redhat.com/errata/RHSA-2022:1263
- https://access.redhat.com/errata/RHSA-2022:1324
- https://access.redhat.com/errata/RHSA-2022:1373
- https://access.redhat.com/errata/RHSA-2022:1535
- https://access.redhat.com/errata/RHSA-2022:1555
- https://access.redhat.com/errata/RHSA-2022:1550
- https://access.redhat.com/errata/RHSA-2022:2189
- https://access.redhat.com/errata/RHSA-2022:2188
- https://access.redhat.com/errata/RHSA-2022:2186
- https://access.redhat.com/errata/RHSA-2022:2211
- https://access.redhat.com/errata/RHSA-2022:4896
- https://access.redhat.com/security/cve/cve-2021-4028
- https://www.cve.org/CVERecord?id=CVE-2021-4028 https://nvd.nist.gov/vuln/detail/CVE-2021-4028 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74 https://lkml.org/lkml/2021/10/4/697
Parent vulnerabilities
(Appears in the following advisories)
- RHSA-2022:1199
- RHSA-2022:1185
- RHSA-2022:1198
- RHSA-2022:2189
- RHSA-2022:2188
- RHSA-2022:2186
- RHSA-2022:2211
- RHSA-2022:1324
- RHSA-2022:1373
- RHSA-2022:1555
- RHSA-2022:1535
- RHSA-2022:1550
- RHSA-2022:0823
- RHSA-2022:0851
- RHSA-2022:0958
- RHSA-2022:0629
- RHSA-2022:0590
- RHSA-2022:0636
- RHSA-2022:0771
- RHSA-2022:0772
- RHSA-2022:0777
- RHSA-2022:1263
- RHSA-2022:4896
Frequently Asked Questions
What is CVE-2021-4028?
CVE-2021-4028 is a vulnerability in the Linux kernel's implementation of RDMA communications manager listener code.
How severe is CVE-2021-4028?
CVE-2021-4028 has a severity value of 7, which is considered high.
What is the affected software for CVE-2021-4028?
The affected software includes Red Hat kernel versions up to 5.15, kernel-rt versions up to 3.10.0-1160.62.1.rt56.1203.el7, and SUSE Linux Enterprise versions 15.0-sp3 and 15.0-sp4.
How do I fix CVE-2021-4028?
To fix CVE-2021-4028, you need to update your Linux kernel to a version that includes the necessary patches. Refer to the vendor's security advisory for the specific kernel versions that address the vulnerability.
Where can I find more information about CVE-2021-4028?
You can find more information about CVE-2021-4028 in the Red Hat bugzilla and SUSE bugzilla links provided, as well as the Red Hat security advisory.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-4028
- agent/software-canonical-lookup
- collector/redhat-cve
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/5.10
- version/linux linux kernel/5.11
- vendor/suse
- canonical/suse linux enterprise
- version/suse linux enterprise/15.0-sp3
- version/suse linux enterprise/15.0-sp4
- package-manager/redhat