|Number of vulnerabilities||1|
|Public exploit||Public exploit code for vulnerability #1 is available.|
kernel-rt (Red Hat package)
Operating systems & Components / Operating system package or component
|Vendor||Red Hat Inc.|
This security bulletin contains one low risk vulnerability.
Exploit availability: YesDescription
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to unauthorized access to execution of setuid files in OverlayFS subsystem when copying a capable file from a nosuid mount into another mount. A local user can execute arbitrary code with root privileges.
Install updates from vendor's website.
kernel-rt (Red Hat package): before 5.14.0-70.53.1.rt21.124.el9_0CPE2.3
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?