vulnerability
Oracle Linux: CVE-2021-23134: ELSA-2021-9406: Unbreakable Enterprise kernel-container security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | May 4, 2021 | Aug 10, 2021 | Jan 23, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
May 4, 2021
Added
Aug 10, 2021
Modified
Jan 23, 2025
Description
Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
A flaw was found in the Linux kernel. A use-after-free was found in the implementation of nfc sockets leading to a kernel privilege escalation from the context of an unprivileged user. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in the Linux kernel. A use-after-free was found in the implementation of nfc sockets leading to a kernel privilege escalation from the context of an unprivileged user. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Solution
oracle-linux-upgrade-kernel-uek
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.