First published: Mon Jan 03 2022(Updated: )
A flaw was found in the Linux kernel. Similar to the <a href="https://access.redhat.com/security/cve/CVE-2021-35373">CVE-2021-35373</a>, the nci_request() function in NFC NCI code also suffers from a data race. This race will allow __nci_request() to be awaken while the device is getting removed and cause UAF. The attacker can spray the released object to gain powerful primitive. Upstream commit: <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15">https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=86cdf8e38792545161dbe3350a7eced558ba4d15</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406">https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=48b71a9e66c2eab60564b1b1c85f4928ed04e406</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102">https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3e3b5dfcd16a3e254aab61bd1e8c417dd4503102</a> <a href="https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=aedddb4e45b34426cfbfa84454b6f203712733c5">https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=aedddb4e45b34426cfbfa84454b6f203712733c5</a>
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=3.2<4.4.294 | |
Linux Linux kernel | >=4.5<4.9.292 | |
Linux Linux kernel | >=4.10<4.14.257 | |
Linux Linux kernel | >=4.15<4.19.219 | |
Linux Linux kernel | >=4.20<5.4.163 | |
Linux Linux kernel | >=5.5.0<5.10.82 | |
Linux Linux kernel | >=5.11<5.15.5 | |
redhat/kernel | <5.16 | 5.16 |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.