Extended Lifecycle Support CVE dashboard by TuxСare

CVEs Releases Projects

CVE-2021-0920

Updated: 2022-05-25 08:13:23.528448

Description:

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6.9
CVSS Version 3.x MEDIUM 6.4

Known exploits

Added Date Description Due Date Notes
2022-05-23 Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation. 2022-06-13

Status

OS name Project name Version Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 Released CLSA-2022:1650986589 2022-05-05 12:05:38.758644
CentOS 8.4 ELS kernel 4.18.0-305.25.1 Needs triage 2022-05-23 16:30:42.23909
CentOS 8.5 ELS kernel 4.18.0-348.7.1 Needs triage 2022-05-23 16:30:42.296383
CloudLinux 6 ELS kernel 2.6.32 Needs triage 2022-04-21 07:04:53.532146
Oracle Linux 6 ELS kernel 2.6.32 Needs triage 2022-05-23 16:30:42.344326
Ubuntu 16.04 ELS linux 4.4.0 Needs triage 2022-04-21 07:04:53.286858