Vulnerability identifier: #VU61258
Vulnerability risk: Low
Exploitation vector: Local
Exploit availability: No
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to missing permissions checks within the cgroups (control groups) functionality of Linux Kernel when writing into a file descriptor. A local low privileged process can trick a higher privileged parent process into writing arbitrary data into files, which can result in denial of service or privileges escalation.
Install updates from vendor's website.
Vulnerable software versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?