Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2021-3760

Published: 16/02/2022 Updated: 09/11/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

It exists that the NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760) ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

fedoraproject fedora 34

debian debian linux 9.0

netapp h300s firmware -

netapp h500s firmware -

netapp h700s firmware -

netapp h300e firmware -

netapp h500e firmware -

netapp h700e firmware -

netapp h410s firmware -

netapp h410c firmware -

Vendor Advisories

Ubuntu Security Notice: USN-5513-1: Linux kernel (AWS) vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: USN-5505-1: Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel ...
Debian Security Advisories: DSA-5096-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-29374 Jann Horn of Google reported a flaw in Linux's virtual memory management A parent and child process initially share all their memory, but when either writes to a shared page, ...
Arch Linux Issues:
A use-after-free vulnerability of ndev->rf_conn_info object has been found in the Linux kernel NFC stack The root cause is that ndev->rf_conn_info is forgotten to be set to NULL when the object is released ...

Mailing Lists

Full Disclosure: RE: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
Solar Designer <solar () openwall com> writes: Yes, we totally missed this This is one I think we've been able to handle previously and would like to keep handling Regards, Anthony Liguori ...
Full Disclosure: Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
On Tue, Oct 26, 2021 at 02:37:20PM +0800, Lin Horse wrote: Ouch Let's use this opportunity to learn from the mishandling of this issue and avoid that for other issues Many things went wrong here: 1 The original notification by Lin to linux-distros did include "I'd like to ask for 14 days of the embargo", which is OK'ish, but ideally such me ...
Full Disclosure: Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
Hi Alexander, Thanks for the reply Gotcha, I was always got confused about the embargo date and public disclosure data/time This suggestion is great I have no idea about that before today This is quite sense-making as I was once thought that I only need to send the original report and wait Now I understand what I should do to with both s ...
Full Disclosure: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
Hello there, Our team found a UAF vulnerability of ndev->rf_conn_info object in the kernel NFC stack The root cause is that ndev->rf_conn_info is forgotten to set to NULL when the object is released =*=*=*=*=*=*=*=*= BUG DETAILS =*=*=*=*=*=*=*=*= We will talk about the ALLOC routine, the FREE routine, and the UAF routine With dyn ...
Full Disclosure: Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
On Tue, Oct 26, 2021 at 08:14:20PM +0800, Lin Horse wrote: Thanks Looks like the same fix you already shared on September 1 I also found this was (first?) made public on Linux kernel mailing lists (linux-nfc, netdev, linux-kernel) on October 7 by someone from Canonical (and Lin was CC'ed): listsopenwallnet/netdev/2021/10/07/239 Ca ...
Full Disclosure: Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
Acknowledged and agreed --- Regards, Roxana ...
Full Disclosure: Re: CVE-2021-3760: Linux kernel: Use-After-Free vulnerability of ndev->rf_conn_info object
On Tue, Oct 26, 2021 at 02:30:18PM +0200, Solar Designer wrote: Krzysztof Kozlowski is the current NFC maintainer, so I asked him, and he confirmed that he was on Cc when/after this was reported to security () kernel org So, this was independent from the reports that were gone through linux-distros He was not aware that this was brought to lin ...

References

CWE-416https://bugzilla.redhat.com/show_bug.cgi?id=2000585https://lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlhttps://www.debian.org/security/2022/dsa-5096https://security.netapp.com/advisory/ntap-20220318-0007/https://nvd.nist.govhttps://ubuntu.com/security/notices/USN-5513-1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316firmwareCVE-2024-30078CVE-2024-5995remote code executionlogic flawCVE-2024-20693CVE-2024-37315CVE-2024-5464
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook