Vulnerability Details : CVE-2021-3752
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Vulnerability category: Memory Corruption
Products affected by CVE-2021-3752
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:3scale:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Threat overview for CVE-2021-3752
Top countries where our scanners detected CVE-2021-3752
Top open port discovered on systems with this issue
53
IPs affected by CVE-2021-3752 713,733
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2021-3752!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2021-3752
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 46 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-3752
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.9
|
HIGH | AV:A/AC:M/Au:N/C:C/I:C/A:C |
5.5
|
10.0
|
NIST | |
7.1
|
HIGH | CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
NIST |
CWE ids for CVE-2021-3752
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Primary)
-
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)
References for CVE-2021-3752
-
https://www.openwall.com/lists/oss-security/2021/09/15/4
oss-security - CVE-2021-3752: Linux kernel: a uaf bug in bluetoothExploit;Mailing List;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html
[SECURITY] [DLA 2940-1] linux security updateMailing List;Third Party Advisory
-
https://www.debian.org/security/2022/dsa-5096
Debian -- Security Information -- DSA-5096-1 linuxThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
[SECURITY] [DLA 2941-1] linux-4.19 security updateMailing List;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1999544
1999544 – (CVE-2021-3752) CVE-2021-3752 kernel: possible use-after-free in bluetooth moduleIssue Tracking;Third Party Advisory
-
https://lore.kernel.org/lkml/20211115165435.133245729%40linuxfoundation.org/
[PATCH 5.15 187/917] Bluetooth: fix use-after-free error in lock_sock_nested() - Greg Kroah-Hartman
-
https://lore.kernel.org/lkml/20211115165435.133245729@linuxfoundation.org/
[PATCH 5.15 187/917] Bluetooth: fix use-after-free error in lock_sock_nested() - Greg Kroah-HartmanPatch;Vendor Advisory
-
https://security.netapp.com/advisory/ntap-20220318-0009/
CVE-2021-3752 Linux Kernel Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.oracle.com/security-alerts/cpujul2022.html
Oracle Critical Patch Update Advisory - July 2022Patch;Third Party Advisory
Jump to