Lucene search

K
nvd[email protected]NVD:CVE-2021-3752
HistoryFeb 16, 2022 - 7:15 p.m.

CVE-2021-3752

2022-02-1619:15:08
CWE-416
CWE-362
web.nvd.nist.gov
1

CVSS2

7.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.1

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

46.5%

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Affected configurations

NVD
Node
linuxlinux_kernelRange2.6.124.4.293
OR
linuxlinux_kernelRange4.54.9.291
OR
linuxlinux_kernelRange4.104.14.256
OR
linuxlinux_kernelRange4.154.19.218
OR
linuxlinux_kernelRange4.205.4.160
OR
linuxlinux_kernelRange5.55.10.80
OR
linuxlinux_kernelRange5.115.14.19
OR
linuxlinux_kernelRange5.155.15.3
Node
redhat3scaleMatch2.0
OR
redhatvirtualization_hostMatch4.0
OR
fedoraprojectfedoraMatch34
OR
redhatenterprise_linuxMatch7.0
OR
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linux_for_real_timeMatch7
OR
redhatenterprise_linux_for_real_time_for_nfvMatch7
Node
netapph300sMatch-
AND
netapph300s_firmwareMatch-
Node
netapph500sMatch-
AND
netapph500s_firmwareMatch-
Node
netapph700sMatch-
AND
netapph700s_firmwareMatch-
Node
netapph300eMatch-
AND
netapph300e_firmwareMatch-
Node
netapph500eMatch-
AND
netapph500e_firmwareMatch-
Node
netapph700eMatch-
AND
netapph700e_firmwareMatch-
Node
netapph410sMatch-
AND
netapph410s_firmwareMatch-
Node
netapph410c_firmwareMatch-
AND
netapph410cMatch-
Node
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
oraclecommunications_cloud_native_core_binding_support_functionMatch22.1.3
OR
oraclecommunications_cloud_native_core_network_exposure_functionMatch22.1.1
OR
oraclecommunications_cloud_native_core_policyMatch22.2.0

CVSS2

7.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.1

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

46.5%