Main Vulnerability Database Exploits ID:7208 - Exploit for Use-after-free in Linux kernel - CVE-2021-44733

ID:7208 - Exploit for Use-after-free in Linux kernel - CVE-2021-44733

Published: December 28, 2021

Vulnerability identifier: #VU59100

Vulnerability risk: Low

CVE-ID: CVE-2021-44733

CWE-ID: CWE-416

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/pjlantz/optee-qemu

Vulnerability description

The vulnerability allows a local user to elevate privileges on the system.

The vulnerability exists due to a use-after-free error in the drivers/tee/tee_shm.c file within the TEE subsystem in the Linux kernel. A local user can trigger a race condition in tee_shm_get_from_id during an attempt to free a shared memory object and execute arbitrary code with elevated privileges.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:7208 - Exploit for Use-after-free in Linux kernel - CVE-2021-44733

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human