Latest Vulnerabilities and Exploits



CVE ID:

CVE-2021-3564

Details:

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.

References:

:https://bugzilla.redhat.com/show_bug.cgi?id=1964139
:https://bugzilla.redhat.com/show_bug.cgi?id=1964139
:https://www.openwall.com/lists/oss-security/2021/05/25/1
:https://www.openwall.com/lists/oss-security/2021/05/25/1
MLIST:[oss-security] 20210525 -2021-3564 Linux Bluetooth device initialization implementation bug
:http://www.openwall.com/lists/oss-security/2021/05/25/1
MLIST:[oss-security] 20210601 Re: -2021-3564 Linux Bluetooth device initialization implementation bug
:http://www.openwall.com/lists/oss-security/2021/06/01/2

ZeroDayLab Assigned Tags:

CRASH
LOCAL
CORRUPTION
MEMORY CORRUPTION