nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-02-01T03:43:32
Updated: 2024-08-03T16:53:17.319Z
Reserved: 2021-02-01T00:00:00
Link: CVE-2021-3348
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-02-01T04:15:14.430
Modified: 2022-04-26T16:17:02.940
Link: CVE-2021-3348
Redhat