CVE-2021-33034

2021-05-19T00:28:02
ID RH:CVE-2021-33034
Type redhatcve
Reporter redhat.com
Modified 2021-07-22T18:53:43

Description

A use-after-free flaw was found in hci_send_acl in the bluetooth host controller interface (HCI) in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hci_disconn_loglink_complete_evt, yet still used in other places. The highest threat from this vulnerability is to data integrity, confidentiality and system availability.

Mitigation

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.