cve/2021/CVE-2021-3564.md

CVE-2021-3564

Description

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.

POC

Reference

• http://www.openwall.com/lists/oss-security/2021/05/25/1
• http://www.openwall.com/lists/oss-security/2021/06/01/2
• https://www.openwall.com/lists/oss-security/2021/05/25/1

Github

• https://github.com/ARPSyndicate/cvemon