Double-Free Memory Corruption Vulnerability in Linux Kernel HCI Device Initialization Subsystem

Double-Free Memory Corruption Vulnerability in Linux Kernel HCI Device Initialization Subsystem

CVE-2021-3564 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.