Unrated severityNVD Advisory· Published Feb 5, 2021· Updated Aug 3, 2024

CVE-2021-26708

Description

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.

Affected products

Linux/Linux kerneldescription
osv-coords3 versions
pkg:rpm/almalinux/kernel-abi-whitelists pkg:rpm/almalinux/kernel-tools-libs-devel pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Tumbleweed
< 4.18.0-240.22.1.el8_3+ 2 more
- (no CPE)range: < 4.18.0-240.22.1.el8_3
- (no CPE)range: < 4.18.0-240.22.1.el8_3
- (no CPE)range: < 5.14.6-1.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2021/02/05/6mitremailing-listx_refsource_MLIST
www.openwall.com/lists/oss-security/2021/04/09/2mitremailing-listx_refsource_MLIST
www.openwall.com/lists/oss-security/2022/01/25/14mitremailing-listx_refsource_MLIST
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.13mitrex_refsource_MISC
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/mitrex_refsource_MISC
security.netapp.com/advisory/ntap-20210312-0008/mitrex_refsource_CONFIRM
www.openwall.com/lists/oss-security/2021/02/04/5mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000