Wind River Support Network

HomeDefectsLIN1021-2269
Fixed

LIN1021-2269 : Security Advisory - linux - CVE-2021-4154

Created: Dec 23, 2021    Updated: Feb 9, 2022
Resolved Date: Jan 5, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.5
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.

https://nvd.nist.gov/vuln/detail/CVE-2021-4154

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube