A use-after-free flaw was found in the Linux kernel's SCTP socket functionality that triggers a race condition. This flaw allows a local user to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1951582]
This issue is rated as having a Moderate impact because of the privileges required for running the known reproducer. The required privileges are CAP_BPF and CAP_NET_ADMIN capabilities that are disabled by default in Red Hat Enterprise Linux 7. For Red Hat Enterprise Linux 8, the SCTP protocol itself is disabled by default and cannot be used by a user without enablement by an administrator.
To mitigate this issue, prevent the module sctp from being loaded (and this is so by default for Red Hat Enterprise Linux 8). Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
Name: Or Cohen (Palo Alto Networks)