Lucene search

K
cvelistRedhatCVELIST:CVE-2021-3752
HistoryFeb 16, 2022 - 6:35 p.m.

CVE-2021-3752

2022-02-1618:35:34
CWE-416
redhat
www.cve.org
5
linux
bluetooth
use-after-free
vulnerability
race condition
system crash
privilege escalation
confidentiality
integrity
system availability

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

46.5%

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "kernel 5.15.3"
      }
    ]
  }
]