| ID |
CVE-2021-4001
|
| Sažetak |
A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2. |
| Reference |
|
| CVSS |
| Base: | 4.7 |
| Impact: | 6.9 |
| Exploitability: | 3.4 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
MEDIUM |
NONE |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| NONE |
COMPLETE |
NONE |
|
| CVSS vektor |
AV:L/AC:M/Au:N/C:N/I:C/A:N |
| Zadnje važnije ažuriranje |
16-11-2022 - 03:36 |
| Objavljeno |
21-01-2022 - 19:15 |