CVE-2021-23133

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 22-04-2021 08:15

Last modified: - 26-10-2022 01:44

Total changes: - 10

Description

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

High

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.0

Base score

1.0

5.9

Exploitability score

Impact score

Verification logic

Reference

N/A-Mailing List, Patch, Vendor Advisory
N/A-Exploit, Mailing List, Patch, Third Party Advisory
FEDORA-2021-8cd093f639-Mailing List, Third Party Advisory
FEDORA-2021-e6b4847979-Mailing List, Third Party Advisory
FEDORA-2021-a963f04012-Mailing List, Third Party Advisory
[oss-security] 20210510 Re: CVE-2021-23133: Linux kernel: race condition in sctp sockets-Mailing List, Patch, Third Party Advisory
[oss-security] 20210510 Re: CVE-2021-23133: Linux kernel: race condition in sctp sockets-Mailing List, Patch, Third Party Advisory
[oss-security] 20210510 Re: CVE-2021-23133: Linux kernel: race condition in sctp sockets-Mailing List, Patch, Third Party Advisory
[oss-security] 20210510 Re: CVE-2021-23133: Linux kernel: race condition in sctp sockets-Mailing List, Patch, Third Party Advisory
https://security.netapp.com/advisory/ntap-20210611-0008/
[debian-lts-announce] 20210623 [SECURITY] [DLA 2689-1] linux security update-Mitigation, Third Party Advisory
[debian-lts-announce] 20210623 [SECURITY] [DLA 2690-1] linux-4.19 security update-Mitigation, Third Party Advisory

Keywords

CVE-2021-23133

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-23133

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures