Описание
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
A flaw was found in the Linux kernel. A use-after-free was found in the implementation of nfc sockets leading to a kernel privilege escalation from the context of an unprivileged user. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Отчет
This flaw is rated as having a Moderate impact because in the default configuration, the issue can only be triggered by a privileged local user (with capability CAP_NET_RAW).
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | kernel | Not affected | ||
Red Hat Enterprise Linux 7 | kernel | Not affected | ||
Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
Red Hat Enterprise Linux 8 | kernel | Not affected | ||
Red Hat Enterprise Linux 8 | kernel-rt | Not affected | ||
Red Hat Enterprise Linux 9 | kernel | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
Use After Free vulnerability in nfc sockets in the Linux Kernel before ...
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.2 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
EPSS
7.8 High
CVSS3