{"id":"CVE-2021-26708","details":"A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.","modified":"2026-03-15T22:39:42.024735Z","published":"2021-02-05T14:15:18.780Z","related":["ALSA-2021:1093","MGASA-2021-0084","MGASA-2021-0085","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.13"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2021/02/05/6"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c518adafa39f37858697ac9309c6cf1805581446"},{"type":"FIX","url":"https://security.netapp.com/advisory/ntap-20210312-0008/"},{"type":"FIX","url":"https://www.openwall.com/lists/oss-security/2021/02/04/5"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2021/04/09/2"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2022/01/25/14"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"5.5"},{"fixed":"5.10.13"}]},{"events":[{"introduced":"0"},{"fixed":"15.3"}]},{"events":[{"introduced":"0"},{"fixed":"15.3"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-26708.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}