Wind River Support Network

HomeDefectsLIN1019-7549
Fixed

LIN1019-7549 : Security Advisory - linux - CVE-2021-4154

Created: Dec 23, 2021    Updated: Feb 9, 2022
Resolved Date: Jan 4, 2022
Found In Version: 10.19.45.1
Fix Version: 10.19.45.21
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Kernel

Description

A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.

https://nvd.nist.gov/vuln/detail/CVE-2021-4154

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube