Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-23133
HistoryApr 22, 2021 - 12:00 a.m.

CVE-2021-23133

2021-04-2200:00:00
ubuntu.com
ubuntu.com
31

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

33.3%

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before
5.12-rc8 can lead to kernel privilege escalation from the context of a
network service or an unprivileged process. If sctp_destroy_sock is called
without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the
auto_asconf_splist list without any proper locking. This can be exploited
by an attacker with network service privileges to escalate to root or from
the context of an unprivileged user directly if a
BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP
socket.

Notes

Author Note
sbeattie commit b166a20b0738 “net/sctp: fix race condition in sctp_destroy_sock” in net-next
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-147.151UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-77.86UNKNOWN
ubuntu20.10noarchlinux< 5.8.0-59.66UNKNOWN
ubuntu21.04noarchlinux< 5.11.0-22.23UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1106.113UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1051.53UNKNOWN
ubuntu20.10noarchlinux-aws< 5.8.0-1038.40UNKNOWN
ubuntu21.04noarchlinux-aws< 5.11.0-1011.11UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1051.53~18.04.1UNKNOWN
ubuntu20.04noarchlinux-aws-5.8< 5.8.0-1038.40~20.04.1UNKNOWN
Rows per page:
1-10 of 581

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

33.3%