[ASB-A-171705902] Kernel exploit: futex fixup_pi_state_owner() fault causes stack UAF
Severity
High
Affected Packages
1
Fixed Packages
1
CVEs
1
In fixup_pi_state_owner of futex.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Package | Affected Version |
---|---|
pkg:generic/android#linux_kernel | >= :0, < :2021-08-05 |
Package | Fixed Version |
---|---|
pkg:generic/android#linux_kernel | = :2021-08-05 |
- ID
- ASB-A-171705902
- Severity
- high
- URL
- https://source.android.com/security/bulletin/2021-08-01
- Published
-
2021-08-01T00:00:00
(3 years ago) - Modified
-
2024-07-31T14:46:47
(7 weeks ago) - Rights
- Android Security Team
- Other Advisories
-
- ALAS-2021-1480
- ALAS2-2021-1600
- ALSA-2021:1093
- ASA-202102-23
- DSA-4843-1
- ELSA-2021-1093
- ELSA-2021-2314
- ELSA-2021-9084
- ELSA-2021-9085
- ELSA-2021-9086
- ELSA-2021-9087
- ELSA-2021-9434
- FEDORA-2021-6e805a5051
- FEDORA-2021-879c756377
- MS:CVE-2021-3347
- openSUSE-SU-2021:0241-1
- RHSA-2021:1081
- RHSA-2021:1093
- RHSA-2021:2285
- RHSA-2021:2314
- RHSA-2021:2316
- SUSE-SU-2021:0347-1
- SUSE-SU-2021:0348-1
- SUSE-SU-2021:0353-1
- SUSE-SU-2021:0354-1
- SUSE-SU-2021:0427-1
- SUSE-SU-2021:0433-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0532-1
- SUSE-SU-2021:0809-1
- SUSE-SU-2021:0818-1
- SUSE-SU-2021:0823-1
- SUSE-SU-2021:0826-1
- SUSE-SU-2021:0840-1
- SUSE-SU-2021:0841-1
- SUSE-SU-2021:0842-1
- SUSE-SU-2021:0849-1
- SUSE-SU-2021:0853-1
- SUSE-SU-2021:0859-1
- SUSE-SU-2021:0868-1
- SUSE-SU-2021:0870-1
- USN-4878-1
- USN-4884-1
- USN-4907-1
- USN-4910-1
Source | # ID | Name | URL |
---|---|---|---|
Advisory | https://source.android.com/security/bulletin/2021-08-01 | ||
Fix | https://android.googlesource.com/kernel/common/+/6e7bfa046de8 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Fixed | pkg:generic/android#linux_kernel | android | = :2021-08-05 | ||||
Affected | pkg:generic/android#linux_kernel | android | >= :0 < :2021-08-05 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |