CVE-2021-38208 - OpenCVE

net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2021/08/17/1
http://www.openwall.com/lists/oss-security/2021/08/17/2
http://www.openwall.com/lists/oss-security/2021/08/24/2
https://bugzilla.redhat.com/show_bug.cgi?id=1992810
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10
https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba
https://nvd.nist.gov/vuln/detail/CVE-2021-38208
https://www.cve.org/CVERecord?id=CVE-2021-38208

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-08-08T19:22:22

Updated: 2024-08-04T01:37:16.360Z

Reserved: 2021-08-08T00:00:00

Link: CVE-2021-38208

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-08-08T20:15:07.387

Modified: 2021-09-21T18:23:56.880

Link: CVE-2021-38208

Redhat

Severity : Moderate

Publid Date: 2021-05-31T00:00:00Z

Links: CVE-2021-38208 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-08-24T14:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba"}, {"tags": ["x_refsource_MISC"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10"}, {"name": "[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/08/17/1"}, {"name": "[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/08/17/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992810"}, {"name": "[oss-security] 20210824 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/08/24/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-38208", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10"}, {"name": "[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/08/17/1"}, {"name": "[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/08/17/2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1992810", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992810"}, {"name": "[oss-security] 20210824 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/08/24/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T01:37:16.360Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10"}, {"name": "[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/08/17/1"}, {"name": "[oss-security] 20210817 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/08/17/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992810"}, {"name": "[oss-security] 20210824 Re: Linux kernel: nfc: null ptr dereference in llcp_sock_getname", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/08/24/2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-38208", "datePublished": "2021-08-08T19:22:22", "dateReserved": "2021-08-08T00:00:00", "dateUpdated": "2024-08-04T01:37:16.360Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF7FC8F9-201D-4170-B56B-EA6E69B1FB1F", "versionEndExcluding": "5.12.10", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call."}, {"lang": "es", "value": "El archivo net/nfc/llcp_sock.c en el kernel de Linux versiones anteriores a 5.12.10, permite a los usuarios locales no privilegiados causar una denegaci\u00f3n de servicio (desreferencia del puntero NULL y BUG) al hacer una llamada getsockname despu\u00e9s de cierto tipo de fallo de una llamada de enlace"}], "id": "CVE-2021-38208", "lastModified": "2021-09-21T18:23:56.880", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-08-08T20:15:07.387", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/08/17/1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/08/17/2"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/08/24/2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992810"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: NULL pointer dereference in net/nfc/llcp_sock.c by making a getsockname call after a certain type of failure of a bind call", "id": "1992810", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1992810"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-665->CWE-476", "details": ["net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.", "A flaw was found in the Linux kernels NFC implementation, A NULL pointer dereference and BUG leading to a denial of service can be triggered by a local unprivileged user causing a kernel panic."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2021-38208", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-05-31T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-38208\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-38208"], "threat_severity": "Moderate", "upstream_fix": "kernel 5.13-rc5"}