Use-after-free in Linux kernel - CVE-2021-46929
Published: May 31, 2024 / Updated: May 14, 2025
Vulnerability identifier: #VU90257
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-46929
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sctp_transport_lookup_process() and sctp_transport_get_idx() functions in net/sctp/socket.c, within the sctp_sock_dump() and sctp_sock_filter() functions in net/sctp/sctp_diag.c, within the sctp_endpoint_free() and sctp_endpoint_destroy() functions in net/sctp/endpointola.c. A local user can escalate privileges on the system.
How to mitigate CVE-2021-46929
Install update from vendor's website.
Sources
- https://git.kernel.org/stable/c/8873140f95d4977bf37e4cf0d5c5e3f6e34cdd3e
- https://git.kernel.org/stable/c/af6e6e58f7ebf86b4e7201694b1e4f3a62cbc3ec
- https://git.kernel.org/stable/c/831de271452b87657fcf8d715ee20519b79caef5
- https://git.kernel.org/stable/c/769d14abd35e0e153b5149c3e1e989a9d719e3ff
- https://git.kernel.org/stable/c/75799e71df1da11394740b43ae5686646179561d
- https://git.kernel.org/stable/c/5ec7d18d1813a5bead0b495045606c93873aecbb
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.261
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.224
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.90
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.170