CVE-2021-3752

Updated: 2024-11-30 02:55:41.981765

Description:

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.9
CVSS Version 3.x HIGH 7.1

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.1 HIGH Already Fixed 2024-01-19 13:11:01
AlmaLinux 9.2 FIPS kernel 5.14.0 7.1 HIGH Already Fixed 2024-01-19 13:10:06
CentOS 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2022-03-30 15:43:20
CentOS 7 ELS kernel 3.10.0 7.1 HIGH Already Fixed 2024-07-08 10:29:48
CentOS 8.4 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2022:1651145959 2022-04-28 15:58:55
CentOS 8.5 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2022:1651146021 2022-04-28 15:58:55
CentOS Stream 8 ELS kernel 4.18.0 7.1 HIGH Not Vulnerable 2024-06-09 14:20:00
CloudLinux 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2022-03-30 15:43:20
CloudLinux 7 ELS kernel 3.10.0 7.1 HIGH Needs Triage 2024-09-06 04:49:31
Oracle Linux 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2022-03-30 15:43:20
Total: 13