CVE - CVE-2021-47068

CVE-ID
CVE-2021-47068	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()") fixed a refcount leak bug in bind/connect but introduced a use-after-free if the same local is assigned to 2 different sockets. This can be triggered by the following simple program: int sock1 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP ); int sock2 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP ); memset( &addr, 0, sizeof(struct sockaddr_nfc_llcp) ); addr.sa_family = AF_NFC; addr.nfc_protocol = NFC_PROTO_NFC_DEP; bind( sock1, (struct sockaddr) &addr, sizeof(struct sockaddr_nfc_llcp) ) bind( sock2, (struct sockaddr) &addr, sizeof(struct sockaddr_nfc_llcp) ) close(sock1); close(sock2); Fix this by assigning NULL to llcp_sock->local after calling nfc_llcp_local_put. This addresses CVE-2021-23134.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/18175fe17ae043a0b81e5d511f8817825784c299 URL:https://git.kernel.org/stable/c/18175fe17ae043a0b81e5d511f8817825784c299 MISC:https://git.kernel.org/stable/c/18ae4a192a4496e48a5490b52812645d2413307c URL:https://git.kernel.org/stable/c/18ae4a192a4496e48a5490b52812645d2413307c MISC:https://git.kernel.org/stable/c/26157c82ba756767b2bd66d28a71b1bc454447f6 URL:https://git.kernel.org/stable/c/26157c82ba756767b2bd66d28a71b1bc454447f6 MISC:https://git.kernel.org/stable/c/374cdde4dcc9c909a60713abdbbf96d5e3e09f91 URL:https://git.kernel.org/stable/c/374cdde4dcc9c909a60713abdbbf96d5e3e09f91 MISC:https://git.kernel.org/stable/c/48fba458fe54cc2a980a05c13e6c19b8b2cfb610 URL:https://git.kernel.org/stable/c/48fba458fe54cc2a980a05c13e6c19b8b2cfb610 MISC:https://git.kernel.org/stable/c/6b7021ed36dabf29e56842e3408781cd3b82ef6e URL:https://git.kernel.org/stable/c/6b7021ed36dabf29e56842e3408781cd3b82ef6e MISC:https://git.kernel.org/stable/c/c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6 URL:https://git.kernel.org/stable/c/c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6 MISC:https://git.kernel.org/stable/c/ccddad6dd28530e716448e594c9ca7c76ccd0570 URL:https://git.kernel.org/stable/c/ccddad6dd28530e716448e594c9ca7c76ccd0570 MISC:https://git.kernel.org/stable/c/e32352070bcac22be6ed8ab635debc280bb65b8c URL:https://git.kernel.org/stable/c/e32352070bcac22be6ed8ab635debc280bb65b8c
Assigning CNA
kernel.org
Date Record Created
20240229	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240229)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)