Vulnerability Details: CVE-2021-4028
A flaw in the Linux kernel's implementation of the RDMA communications manager listener code allowed an attacker with local access to set up a socket to listen on a high port, allowing a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.
Vulnerability category: Memory Corruption, Execute code
Exploit prediction scoring system (EPSS) score for CVE-2021-4028
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~6%
CVSS scores for CVE-2021-4028
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST |
CWE ids for CVE-2021-4028
- Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code. Assigned by:
  - nvd@nist.gov (Secondary)
  - secalert@redhat.com (Primary)
References for CVE-2021-4028
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74
  kernel/git/torvalds/linux.git - Linux kernel source tree (Mailing List; Patch; Vendor Advisory)
- https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0
  Bug 1193167 – VUL-0: CVE-2021-4028: kernel-source,kernel-source-rt,kernel-source-azure: kernel: use-after-free in RDMA listen() (Issue Tracking; Patch; Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20221228-0002/
  CVE-2021-4028 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security (Third Party Advisory)
- https://access.redhat.com/security/cve/CVE-2021-4028
  CVE-2021-4028 - Red Hat Customer Portal (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2027201
  2027201 – (CVE-2021-4028) CVE-2021-4028 kernel: use-after-free in RDMA listen() (Issue Tracking; Third Party Advisory)
- https://lkml.org/lkml/2021/10/4/697
  LKML: Greg Kroah-Hartman: [PATCH 5.10 22/93] RDMA/cma: Do not change route.addr.src_addr.ss_family (Mailing List; Patch; Vendor Advisory)
Products affected by CVE-2021-4028
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:15.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:15.0:sp3:*:*:*:*:*:*