CVE-2021-47068
net/nfc: fix use-after-free llcp_sock_bind/connect
Description
In the Linux kernel, the following vulnerability has been resolved:

net/nfc: fix use-after-free llcp_sock_bind/connect

Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()") and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()") fixed a refcount leak bug in bind/connect but introduced a use-after-free if the same local is assigned to 2 different sockets.

This can be triggered by the following simple program:

```c
struct sockaddr_nfc_llcp addr;

int sock1 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );
int sock2 = socket( AF_NFC, SOCK_STREAM, NFC_SOCKPROTO_LLCP );

memset( &addr, 0, sizeof(struct sockaddr_nfc_llcp) );
addr.sa_family = AF_NFC;
addr.nfc_protocol = NFC_PROTO_NFC_DEP;

/* Both sockets are bound to the same address. */
bind( sock1, (struct sockaddr*) &addr, sizeof(struct sockaddr_nfc_llcp) );
bind( sock2, (struct sockaddr*) &addr, sizeof(struct sockaddr_nfc_llcp) );

close(sock1);
close(sock2);
```

Fix this by assigning NULL to llcp_sock->local after calling nfc_llcp_local_put.

This addresses CVE-2021-23134.
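The reference accounting behind the fix, as a user-space model added here; it is not kernel code and not taken from the commit. All names (`local_get`, `local_put`, `model_bind`, `model_close`) are hypothetical, and it assumes the second bind fails on an error path after taking its reference.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
/* User-space model only: every name here is hypothetical, not a kernel symbol. */
struct local { int refcnt; bool freed; bool addr_taken; int stale_puts; };
struct sock_model { struct local *local; };
static struct local *local_get(struct local *l) { l->refcnt++; return l; }

static void local_put(struct local *l)
{
    if (l == NULL)
        return;
    if (l->freed)
        l->stale_puts++;         /* in the kernel: access to freed memory */
    else if (--l->refcnt == 0)
        l->freed = true;         /* stands in for the real free */
}

/* Assumption: a second bind to the same address fails after taking its reference. */
static int model_bind(struct sock_model *s, struct local *l, bool null_after_put)
{
    s->local = local_get(l);
    if (l->addr_taken) {
        local_put(s->local);     /* error path drops the reference it just took */
        if (null_after_put)
            s->local = NULL;     /* the fix: leave no stale pointer behind */
        return -1;
    }
    l->addr_taken = true;
    return 0;
}
static void model_close(struct sock_model *s) { local_put(s->local); s->local = NULL; }

/* Replays bind, bind, close, close, then the owner's last put; returns puts on a freed object. */
int stale_puts_after_sequence(bool null_after_put)
{
    struct local l = { .refcnt = 1 };   /* the owner's own reference */
    struct sock_model s1 = { NULL }, s2 = { NULL };
    model_bind(&s1, &l, null_after_put);
    model_bind(&s2, &l, null_after_put);
    model_close(&s1);
    model_close(&s2);
    local_put(&l);                      /* owner releases last */
    return l.stale_puts;
}

int main(void)
{
    return printf("stale puts: unfixed=%d fixed=%d\n", stale_puts_after_sequence(false), stale_puts_after_sequence(true)) < 0;
}
```

Without the NULL assignment, the failed bind and the later close each drop the same reference, so the count reaches zero while the owner still holds a pointer.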
INFO
Published Date: Feb. 29, 2024, 11:15 p.m.
Last Modified: April 22, 2025, 4:15 p.m.
Remotely Exploitable: No
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| | CVSS 3.1 | HIGH | | | | [email protected] |
| | CVSS 3.1 | HIGH | | | | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
Solution
- Update the Linux kernel to a patched version.
- Reboot the system to apply the update.
The following table lists the changes that have been made to the CVE-2021-47068 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Apr. 22, 2025)
  - Added CVSS V3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  - Added CWE: CWE-416
- Initial Analysis by [email protected] (Dec. 10, 2024)
  - Added CVSS V3.1 (NIST): AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  - Added CWE (NIST): CWE-416
  - Added CPE Configuration (OR), `cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*` with versions:
    - from (including) 4.4.267 up to (excluding) 4.4.269
    - from (including) 4.9.267 up to (excluding) 4.9.269
    - from (including) 4.14.231 up to (excluding) 4.14.233
    - from (including) 4.19.187 up to (excluding) 4.19.191
    - from (including) 5.4.112 up to (excluding) 5.4.119
    - from (including) 5.10.30 up to (excluding) 5.10.37
    - from (including) 5.11.14 up to (excluding) 5.11.21
    - from (including) 5.12 up to (excluding) 5.12.4
  - Changed Reference Type from "No Types Assigned" to "Patch" for:
    - https://git.kernel.org/stable/c/18175fe17ae043a0b81e5d511f8817825784c299
    - https://git.kernel.org/stable/c/18ae4a192a4496e48a5490b52812645d2413307c
    - https://git.kernel.org/stable/c/26157c82ba756767b2bd66d28a71b1bc454447f6
    - https://git.kernel.org/stable/c/374cdde4dcc9c909a60713abdbbf96d5e3e09f91
    - https://git.kernel.org/stable/c/48fba458fe54cc2a980a05c13e6c19b8b2cfb610
    - https://git.kernel.org/stable/c/6b7021ed36dabf29e56842e3408781cd3b82ef6e
    - https://git.kernel.org/stable/c/c61760e6940dd4039a7f5e84a6afc9cdbf4d82b6
    - https://git.kernel.org/stable/c/ccddad6dd28530e716448e594c9ca7c76ccd0570
    - https://git.kernel.org/stable/c/e32352070bcac22be6ed8ab635debc280bb65b8c
- CVE Modified by af854a3a-2127-422b-91ae-364da2661108 (Nov. 21, 2024)
  - Added Reference: the nine git.kernel.org/stable commit URLs listed under the Dec. 10, 2024 entry
- CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (May. 28, 2024)
- CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (May. 14, 2024)
- CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (Feb. 29, 2024)
  - Added Description: the text shown in the Description section
  - Added Reference (Linux, no types assigned): the nine git.kernel.org/stable commit URLs listed under the Dec. 10, 2024 entry