#VU61258 Security restrictions bypass in Linux kernel


Published: 2022-03-11

Vulnerability identifier: #VU61258

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-4197

CWE-ID: CWE-264

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to missing permissions checks within the cgroups (control groups) functionality of Linux Kernel when writing into a file descriptor. A local low privileged process can trick a higher privileged parent process into writing arbitrary data into files, which can result in denial of service or privileges escalation.

Mitigation
Install updates from vendor's website.

Vulnerable software versions


External links
http://bugzilla.redhat.com/show_bug.cgi?id=2035652


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?


Latest bulletins with this vulnerability