CVE-2021-44733
Published on: Not Yet Published
Last Modified on: 06/01/2022 06:54:00 PM UTC
Certain versions of Debian Linux from Debian contain the following vulnerability:
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
- CVE-2021-44733 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7 - HIGH
| Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|---|---|---|---|
| LOCAL | HIGH | LOW | NONE |
| Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
| UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 4.4 - MEDIUM
| Access Vector ⓘ |
Access Complexity |
Authentication |
|---|---|---|
| LOCAL | MEDIUM | NONE |
| Confidentiality Impact |
Integrity Impact |
Availability Impact |
| PARTIAL | PARTIAL | PARTIAL |
CVE References
| Description | Tags ⓘ | Link |
|---|---|---|
| [SECURITY] [DLA 2941-1] linux-4.19 security update | lists.debian.org text/html |
MLIST [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update |
| kernel/git/torvalds/linux.git - Linux kernel source tree | git.kernel.org text/html |
MISC git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/tee/tee_shm.c |
| [PATCH v2] tee: handle lookup of shm with reference count 0 - Jens Wiklander | lore.kernel.org text/html |
MISC lore.kernel.org/lkml/[email protected]/ |
| optee-qemu/README.md at main · pjlantz/optee-qemu · GitHub | github.com text/html |
MISC github.com/pjlantz/optee-qemu/blob/main/README.md |
| Debian -- Security Information -- DSA-5096-1 linux | www.debian.org Depreciated Link text/html |
DEBIAN DSA-5096 |
| January 2022 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product Security | security.netapp.com text/html |
CONFIRM security.netapp.com/advisory/ntap-20220114-0003/ |
Related QID Numbers
- 159641 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2022-9147)
- 159642 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2022-9148)
- 159825 Oracle Enterprise Linux Security Update for kernel (ELSA-2022-1988)
- 179117 Debian Security Update for linux (DSA 5096-1)
- 179119 Debian Security Update for linux-4.19 (DLA 2941-1)
- 179523 Debian Security Update for linux (CVE-2021-44733)
- 198659 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5278-1)
- 198707 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5339-1)
- 198708 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5337-1)
- 198709 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5338-1)
- 198731 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5368-1)
- 198740 Ubuntu Security Notification for Linux kernel (BlueField) Vulnerabilities (USN-5377-1)
- 240275 Red Hat Update for kernel-rt (RHSA-2022:1975)
- 240298 Red Hat Update for kernel security (RHSA-2022:1988)
- 353151 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2022-009
- 353160 Amazon Linux Security Advisory for kernel : ALAS2-2022-1749
- 376925 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2022:0125)
- 610418 Google Pixel Android June 2022 Security Patch Missing
- 671436 EulerOS Security Update for kernel (EulerOS-SA-2022-1352)
- 671448 EulerOS Security Update for kernel (EulerOS-SA-2022-1450)
- 671474 EulerOS Security Update for kernel (EulerOS-SA-2022-1429)
- 671505 EulerOS Security Update for kernel (EulerOS-SA-2022-1489)
- 671535 EulerOS Security Update for kernel (EulerOS-SA-2022-1508)
- 751654 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0197-1)
- 751695 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0367-1)
- 751696 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0364-1)
- 751697 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0366-1)
- 751700 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0363-1)
- 751701 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0366-1)
- 751702 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0371-1)
- 751703 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0372-1)
- 751704 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2022:0370-1)
- 752005 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0370-1)
- 753194 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0288-1)
- 753212 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0363-1)
- 753462 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2022:0289-1)
- 900420 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (7060)
- 901435 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (7063-1)
- 905766 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (7060-1)
- 940517 AlmaLinux Security Update for kernel (ALSA-2022:1988)
Exploit/POC from Github
Environment with vulnerable kernel for exploitiation of CVE-2021-44733
Known Affected Configurations (CPE V2.3)
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*:
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*:
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h300e:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h300s:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h410c:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h410s:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h500e:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h500s:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h700e:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller:h700s:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h300e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h300e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h300s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h300s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h410c:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h410c_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h410s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h410s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h500e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h500e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h500s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h500s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h700e:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h700e_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:h:netapp:baseboard_management_controller_h700s:-:*:*:*:*:*:*:*:
- cpe:2.3:o:netapp:baseboard_management_controller_h700s_firmware:-:*:*:*:*:*:*:*:
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
| Source | Title | Posted (UTC) |
|---|---|---|
 @CVEreport |
CVE-2021-44733 : A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the #Linux #kernel throug… twitter.com/i/web/status/1… | 2021-12-22 17:05:14 |
 /r/netcve |
CVE-2021-44733 | 2021-12-22 18:38:19 |