CVE-2021-41073

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation.

Reference Links(if available):

  • http://www.openwall.com/lists/oss-security/2021/09/18/2
  • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc
  • https://www.debian.org/security/2021/dsa-4978
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/PAP4TXEZ7J4EZQMQW5SIJMWXG7WZT3F7/
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/J7KSMIOQ4377CVTHMWNGNCWHMCRFRP2T/
  • CVSS Score (if available)

    v2: / HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • Available for Amazon Prime