Main Vulnerability Database Exploits ID:8493 - Exploit for Improper Privilege Management in Linux kernel - CVE-2021-41073

ID:8493 - Exploit for Improper Privilege Management in Linux kernel - CVE-2021-41073

Published: October 19, 2022

Vulnerability identifier: #VU68300

Vulnerability risk: Low

CVE-ID: CVE-2021-41073

CWE-ID: CWE-269

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://github.com/chompie1337/Linux_LPE_io_uring_CVE-2021-41073

Vulnerability description

The vulnerability allows a local user to escalate privileges.

The vulnerability exists due to improper privilege management within the loop_rw_iter() function in fs/io_uring.c in Linux kernel. A local user can escalate privileges on the system by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer.

Remediation

Install updates from vendor's website.

ID:8493 - Exploit for Improper Privilege Management in Linux kernel - CVE-2021-41073

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human