Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-3640
HistoryMar 03, 2022 - 11:15 p.m.

Race condition

2022-03-0323:15:00
PRIOn knowledge base
www.prio-n.com
18
race condition
use-after-free
privileged user

AI Score

6.7

Confidence

High

EPSS

0

Percentile

5.1%

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.