{"id":"CVE-2021-4083","details":"A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4.","aliases":["A-216408350","ASB-A-216408350","PUB-A-216408350"],"modified":"2026-03-15T22:41:56.907412Z","published":"2022-01-18T17:15:09.403Z","related":["ALSA-2022:1988","MGASA-2021-0574","MGASA-2021-0575","SUSE-SU-2022:0080-1","SUSE-SU-2022:0169-1","SUSE-SU-2022:0197-1","SUSE-SU-2022:0198-1","SUSE-SU-2022:0288-1","SUSE-SU-2022:0289-1","SUSE-SU-2022:0362-1","SUSE-SU-2022:0364-1","SUSE-SU-2022:0366-1","SUSE-SU-2022:0367-1","SUSE-SU-2022:0371-1","SUSE-SU-2022:0372-1","SUSE-SU-2022:0418-1","SUSE-SU-2022:0436-1","SUSE-SU-2022:0463-1","SUSE-SU-2022:0477-1","SUSE-SU-2022:0552-1","SUSE-SU-2022:0555-1","openSUSE-SU-2022:0169-1","openSUSE-SU-2022:0198-1","openSUSE-SU-2022:0366-1"],"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220217-0005/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5096"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2029923"},{"type":"FIX","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.4.294"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.292"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.257"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.220"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.164"}]},{"events":[{"introduced":"5.5.0"},{"fixed":"5.10.84"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.7"}]},{"events":[{"introduced":"0"},{"last_affected":"5.16-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.16-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.16-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"22.2.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4083.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}