CVE-2021-47248

MEDIUM

Linux Kernel 4.9-4.9.274 - Race Condition in UDP Socket Close and Abort

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close() and udp_abort() Kaustubh reported and diagnosed a panic in udp_lib_lookup(). The root cause is udp_abort() racing with close(). Both racing functions acquire the socket lock, but udp{v6}_destroy_sock() release it before performing destructive actions. We can't easily extend the socket lock scope to avoid the race, instead use the SOCK_DEAD flag to prevent udp_abort from doing any action when the critical race happens. Diagnosed-and-tested-by: Kaustubh Pandey <[email protected]>

References (7)

Core 7

Core References

Patch

https://git.kernel.org/stable/c/e3c36c773aed0fef8b1d3d555b43393ec564400f

Patch

https://git.kernel.org/stable/c/a0882f68f54f7a8b6308261acee9bd4faab5a69e

Patch

https://git.kernel.org/stable/c/2f73448041bd0682d4b552cfd314ace66107f1ad

Patch

https://git.kernel.org/stable/c/5a88477c1c85e4baa51e91f2d40f2166235daa56

Patch

https://git.kernel.org/stable/c/8729ec8a2238152a4afc212a331a6cd2c61aeeac

Patch

https://git.kernel.org/stable/c/65310b0aff86980a011c7c7bfa487a333d4ca241

Patch

https://git.kernel.org/stable/c/a8b897c7bcd47f4147d066e22cc01d1026d7640e

Scores

CVSS v3 4.7

EPSS 0.0018

EPSS Percentile 7.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-362

Status published

Products (18)

Linux/Linux < 4.9

Linux/Linux 4.14.238 - 4.14.*

Linux/Linux 4.19.196 - 4.19.*

Linux/Linux 4.9

Linux/Linux 4.9.274 - 4.9.*

Linux/Linux 5.10.46 - 5.10.*

Linux/Linux 5.12.13 - 5.12.*

Linux/Linux 5.13

Linux/Linux 5.4.128 - 5.4.*

Linux/Linux 5d77dca82839ef016a93ad7acd7058b14d967752 - 2f73448041bd0682d4b552cfd314ace66107f1ad

... and 8 more

Published May 21, 2024

Tracked Since Feb 18, 2026