Unrated severityNVD Advisory· Published Aug 24, 2022· Updated Aug 3, 2024
CVE-2021-4028
CVE-2021-4028
Description
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.
Affected products
10- Linux kernel/RDMA communications manager listener codedescription
- osv-coords9 versionspkg:rpm/almalinux/kernel-tools-libs-develpkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_2&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_4&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_6&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3pkg:rpm/suse/kernel-livepatch-SLE15-SP3_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP3
< 4.18.0-348.23.1.el8_5+ 8 more
- (no CPE)range: < 4.18.0-348.23.1.el8_5
- (no CPE)range: < 10-3.2
- (no CPE)range: < 8-150300.2.2
- (no CPE)range: < 8-150300.2.2
- (no CPE)range: < 8-150300.2.2
- (no CPE)range: < 7-150300.2.2
- (no CPE)range: < 6-150300.2.2
- (no CPE)range: < 4-150300.2.2
- (no CPE)range: < 4-150300.2.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6News mentions
0No linked articles in our index yet.