CVE-2021-3564

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1964139

http://www.openwall.com/lists/oss-security/2021/06/01/2

http://www.openwall.com/lists/oss-security/2021/05/25/1

https://www.openwall.com/lists/oss-security/2021/05/25/1

https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html

https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html

Details

Source: MITRE

Published: 2021-06-08

Updated: 2021-07-08

Type: CWE-416

Risk Information

CVSS v2

Base Score: 2.1

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 3.9

Severity: LOW

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Tenable Plugins

View all (28 total)

IDNameProductFamilySeverity
155425Oracle Linux 8 : kernel (ELSA-2021-4356)NessusOracle Linux Local Security Checks
high
155219RHEL 8 : kernel (RHSA-2021:4356)NessusRed Hat Local Security Checks
high
155172RHEL 8 : kernel-rt (RHSA-2021:4140)NessusRed Hat Local Security Checks
high
155145CentOS 8 : kernel (CESA-2021:4356)NessusCentOS Local Security Checks
high
155070CentOS 8 : kernel-rt (CESA-2021:4140)NessusCentOS Local Security Checks
high
154858OracleVM 3.4 : Unbreakable / etc (OVMSA-2021-0036)NessusOracleVM Local Security Checks
medium
154845Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2021-9534)NessusOracle Linux Local Security Checks
medium
154404EulerOS 2.0 SP3 : kernel (EulerOS-SA-2021-2588)NessusHuawei Local Security Checks
high
154165Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9485)NessusOracle Linux Local Security Checks
high
154163Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9488)NessusOracle Linux Local Security Checks
high
153703EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2530)NessusHuawei Local Security Checks
high
153692EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2502)NessusHuawei Local Security Checks
high
153567Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9458)NessusOracle Linux Local Security Checks
high
153559Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9460)NessusOracle Linux Local Security Checks
high
153271EulerOS 2.0 SP2 : kernel (EulerOS-SA-2021-2392)NessusHuawei Local Security Checks
high
152774Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5050-1)NessusUbuntu Local Security Checks
medium
152665Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5046-1)NessusUbuntu Local Security Checks
medium
152640Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5044-1)NessusUbuntu Local Security Checks
medium
152639Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5045-1)NessusUbuntu Local Security Checks
medium
152389Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9406)NessusOracle Linux Local Security Checks
high
152382Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9404)NessusOracle Linux Local Security Checks
high
151921Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5015-1)NessusUbuntu Local Security Checks
high
151897Slackware 14.2 : Slackware 14.2 kernel (SSA:2021-202-01)NessusSlackware Local Security Checks
high
151793Amazon Linux 2 : kernel (ALAS-2021-1685)NessusAmazon Linux Local Security Checks
medium
150985Debian DLA-2689-1 : linux security updateNessusDebian Local Security Checks
high
150984Debian DLA-2690-1 : linux-4.19 security updateNessusDebian Local Security Checks
high
150040Photon OS 3.0: Linux PHSA-2021-3.0-0243NessusPhotonOS Local Security Checks
medium
150036Photon OS 4.0: Linux PHSA-2021-4.0-0032NessusPhotonOS Local Security Checks
medium