CVE-2021-0920

Updated: 2022-12-05 06:16:31.585474

Description:

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6.9
CVSS Version 3.x MEDIUM 6.4

Known exploits

Added Date Description Due Date Notes
2022-05-23 Android kernel contains a race condition, which allows for a use-after-free vulnerability. Exploitation can allow for privilege escalation. 2022-06-13

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS kernel 2.6.32 6.4 MEDIUM Released CLSA-2022:1650986589 2022-05-05 12:05:38
CentOS 8.4 ELS kernel 4.18.0 6.4 MEDIUM Released CLSA-2023:1683229770 2023-05-04 17:13:40
CentOS 8.5 ELS kernel 4.18.0 6.4 MEDIUM Released CLSA-2023:1683146027 2023-05-04 17:13:41
CloudLinux 6 ELS kernel 2.6.32 6.4 MEDIUM Released 2023-09-19 14:19:46
Oracle Linux 6 ELS kernel 2.6.32 6.4 MEDIUM Released CLSA-2022:1669850228 2022-11-30 19:55:08
Ubuntu 16.04 ELS linux 4.4.0 6.4 MEDIUM Released CLSA-2022:1667414297 2022-11-02 17:06:28
Ubuntu 16.04 ELS linux-hwe 4.15.0 6.4 MEDIUM Released 2023-04-27 14:04:57