Denial of Service Vulnerability in Linux Kernel's NFC LLCP Socket Handling

Denial of Service Vulnerability in Linux Kernel's NFC LLCP Socket Handling

CVE-2021-38208 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

Learn more about our Cis Benchmark Audit For Bind.