what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2021-3640

Status Candidate

Overview

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.

Related Files

Ubuntu Security Notice USN-5267-3
Posted Feb 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-3 - USN-5267-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for Raspberry Pi devices. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 4a5754d3205b26805abdee8471083dc8dc84e0eb92a3e64f7fad52257c035f4c
Download | Favorite | View
Ubuntu Security Notice USN-5267-2
Posted Feb 9, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-2 - USN-5267-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused the kernel to freeze when accessing CIFS shares in some situations. This update fixes the problem.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 1fa802d233f94d6e25c95108667119d85ca0d36cae93f6c46bb286febc0cf8da
Download | Favorite | View
Ubuntu Security Notice USN-5268-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5268-1 - Keyu Man discovered that the ICMP implementation in the Linux kernel did not properly handle received ICMP error packets. A remote attacker could use this to facilitate attacks on UDP based services that depend on source port randomization. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2021-20322, CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | b8ba9e5c3e6439e47e28cee9eee4587c8f0d9fce5daef2974af08b9d6e1a91e8
Download | Favorite | View
Ubuntu Security Notice USN-5267-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5267-1 - It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-3640, CVE-2021-3752, CVE-2021-42739
SHA-256 | 60617003df6660f9983fff1c2b80b1947ece89928c93e406ca26afce7c3ebf67
Download | Favorite | View
Ubuntu Security Notice USN-5265-1
Posted Feb 3, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5265-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that the Bluetooth subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-3640, CVE-2021-3752, CVE-2021-3772, CVE-2021-4001, CVE-2021-4090, CVE-2021-4093, CVE-2021-4202, CVE-2021-42327, CVE-2021-42739
SHA-256 | 7e0f9271a061ce26f953885a06bf885e09f3bf96703739534c4177eca1b1fff1
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    2 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Hosting By
Rokasec
close