ID:6522 - Exploit for Improper Privilege Management in Linux kernel - CVE-2021-26708

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:6522 - Exploit for Improper Privilege Management in Linux kernel - CVE-2021-26708

ID:6522 - Exploit for Improper Privilege Management in Linux kernel - CVE-2021-26708

Published: July 7, 2021


Vulnerability identifier: #VU52036
Vulnerability risk: Low
CVE-ID: CVE-2021-26708
CWE-ID: CWE-269
Exploitation vector: Local access
Vulnerable software:
Linux kernel

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.


Remediation

Install updates from vendor's website.