First published: Thu Oct 28 2021(Updated: )
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | >=5.13<5.14.8 | |
All of | ||
netapp h300s firmware | ||
netapp h300s | ||
All of | ||
NetApp H500S Firmware | ||
netapp h500s | ||
All of | ||
netapp h700s firmware | ||
netapp h700s | ||
All of | ||
netapp h300e firmware | ||
netapp h300e | ||
All of | ||
netapp h500e firmware | ||
netapp h500e | ||
All of | ||
netapp h700e firmware | ||
netapp h700e | ||
All of | ||
netapp h410s firmware | ||
netapp h410s | ||
All of | ||
netapp h410c firmware | ||
netapp h410c | ||
netapp h300s firmware | ||
netapp h300s | ||
NetApp H500S Firmware | ||
netapp h500s | ||
netapp h700s firmware | ||
netapp h700s | ||
netapp h300e firmware | ||
netapp h300e | ||
netapp h500e firmware | ||
netapp h500e | ||
netapp h700e firmware | ||
netapp h700e | ||
netapp h410s firmware | ||
netapp h410s | ||
netapp h410c firmware | ||
netapp h410c | ||
debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
No, CVE-2021-43057 requires local access for exploitation, making it a local privilege escalation vulnerability.