CVE-2021-3573 — MEDIUM (6.4)

Q: How severe is CVE-2021-3573?

CVE-2021-3573 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-3573?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux, Fedoraproject Fedora.

Vulnerability Description

A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.

CVSS Score

6.4

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	< 5.13
Redhat	Enterprise Linux	6.0
Fedoraproject	Fedora	34

Related Weaknesses (CWE)

CWE-362

References

http://www.openwall.com/lists/oss-security/2023/07/02/1
https://bugzilla.redhat.com/show_bug.cgi?id=1966578Issue TrackingThird Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?PatchVendor Advisory
https://www.openwall.com/lists/oss-security/2021/06/08/2ExploitMailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/07/02/1
https://bugzilla.redhat.com/show_bug.cgi?id=1966578Issue TrackingThird Party Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?PatchVendor Advisory
https://www.openwall.com/lists/oss-security/2021/06/08/2ExploitMailing ListThird Party Advisory

FAQ

What is CVE-2021-3573?

CVE-2021-3573 is a vulnerability with a CVSS score of 6.4 (MEDIUM). A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregiste...

How severe is CVE-2021-3573?

CVE-2021-3573 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-3573?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Redhat Enterprise Linux, Fedoraproject Fedora.