CVE-2021-44733

Опубликовано: 14 дек. 2021

Источник: redhat

CVSS3: 7.4

Описание

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

A use-after-free flaw in the Linux kernel TEE (Trusted Execution Environment) subsystem was found in the way user calls ioctl TEE_IOC_OPEN_SESSION or TEE_IOC_INVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with the CONFIG_PREEMPT option or CONFIG_CPU_SW_DOMAIN_PAN option enabled, then it is unlikely that a user can trigger this issue.

Меры по смягчению последствий

To mitigate this issue, prevent the modules tee, trusted_tee from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Fixed	RHSA-2022:1975	10.05.2022
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2022:1988	10.05.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-908

https://bugzilla.redhat.com/show_bug.cgi?id=2030747kernel: use-after-free in the TEE subsystem

7.4 High

CVSS3

Связанные уязвимости

CVE-2021-44733

CVSS3: 7

ubuntu

больше 3 лет назад

CVE-2021-44733

CVSS3: 7

nvd

больше 3 лет назад

CVE-2021-44733

CVSS3: 7

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-44733

CVSS3: 7

debian

больше 3 лет назад

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem ...

GHSA-4xqq-q6wp-w8h4

CVSS3: 7

github

больше 3 лет назад

7.4 High

CVSS3