Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2021-34981
HistoryNov 01, 2021 - 5:49 a.m.

CVE-2021-34981

2021-11-0105:49:19
redhat.com
access.redhat.com
23

CVSS3

7.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

28.8%

JSON

A flaw was found in the Linux kernel’s CAPI over Bluetooth connection code. An attacker with a local account can escalate privileges when CAPI (ISDN) hardware connection fails.

Mitigation

To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the Customer Portal at <https://access.redhat.com/solutions/2682931&gt;.

Alternatively, Bluetooth can be disabled within the hardware or at BIOS level which will also provide an effective mitigation as the kernel will not be able to detect that Bluetooth hardware is present on the system.

Related

ubuntucve 1
cve 2
cvelist 1
zdi 1
debiancve 1
nvd 2
vulnrichment 1
nessus 21
suse 4
openvas 17
oraclelinux 1
ubuntucve
ubuntucve
CVE-2021-34981
2024-05-07 00:00:00
cve
cve
CVE-2021-34981
2024-05-07 23:15:13
CVE-2021-3534
2022-02-01 05:15:09
cvelist
cvelist
CVE-2021-34981 Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
2024-05-07 22:54:49
zdi
zdi
Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
2021-10-21 00:00:00
debiancve
debiancve
CVE-2021-34981
2024-05-07 23:15:13
nvd
nvd
CVE-2021-34981
2024-05-07 23:15:13
CVE-2021-3534
2022-02-01 05:15:09
vulnrichment
vulnrichment
CVE-2021-34981 Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability
2024-05-07 22:54:49
nessus
nessus
SUSE SLES15 Security Update : the Linux RT Kernel (SUSE-SU-2021:3979-1)
2021-12-10 00:00:00
openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3941-1)
2021-12-07 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:3877-1)
2021-12-03 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2021-12-06 00:00:00
Security update for the Linux Kernel (important)
2021-11-25 00:00:00
Security update for the Linux Kernel (important)
2021-11-24 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:3941-1)
2021-12-07 00:00:00
openSUSE: Security Advisory for the (openSUSE-SU-2021:3941-1)
2021-12-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:3877-1)
2021-12-03 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-03-01 00:00:00

CVSS3

7.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

28.8%

JSON
Related for RH:CVE-2021-34981
ubuntucve1cve2cvelist1zdi1debiancve1nvd2vulnrichment1nessus21suse4openvas17oraclelinux1