CVE-2021-4202: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-4202 is a use-after-free vulnerability discovered in the NFC Controller Interface (NCI) implementation of the Linux kernel, specifically in the nci_request function in net/nfc/nci/core.c. The vulnerability was disclosed in December 2021 and affects Linux kernel versions prior to 5.16-rc2. This flaw allows a local attacker with user privileges to cause a data race condition while the device is being removed (NVD, Ubuntu).

The vulnerability stems from a race condition in the ncirequest function that can lead to a use-after-free scenario. The issue occurs when _nci_request() can be awakened while the device is being removed during the unregistration routine. The vulnerability has a CVSS v3.1 base score of 7.0 (HIGH) with the vector string CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements with high complexity (NetApp Advisory).

Successful exploitation of this vulnerability could allow an attacker to achieve privilege escalation to root level access on affected systems. The flaw has been demonstrated to be exploitable on default installations of Ubuntu 20.04, potentially leading to full root privileges. The vulnerability can result in disclosure of sensitive information, modification of data, or cause a denial of service condition (Openwall, NetApp Advisory).

The vulnerability has been patched in Linux kernel version 5.16-rc2 and backported to various stable kernel versions. The fix involves reorganizing functions in ncirequest, adding NCIUNREG flag to eliminate the race condition, and reordering the logic in nfc{un,}registerdevice. Multiple patches have been applied to address different aspects of the vulnerability (Kernel Commit).