Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-4002

On the Linux kernel 3.6 and later before version 5.15.5, it is possible for an attacker to leak or change data that resides on hugetlbfs. Such data can reside on hugetlbfs, for instance if the victim runs mmap() using the MAP_HUGETLB or shmget() with SHM_HUGETLB. If a victim maps executable code onto hugetlbfs, the executable can be modified as well.

Source

Severity Medium

Remote No

Type Arbitrary code execution

Description

On the Linux kernel 3.6 and later before version 5.15.5, it is possible for an attacker to leak or change data that resides on hugetlbfs. Such data can reside on hugetlbfs, for instance if the victim runs mmap() using the MAP_HUGETLB or shmget() with SHM_HUGETLB. If a victim maps executable code onto hugetlbfs, the executable can be modified as well.

AVG-2586 linux-zen 5.15.4.zen1-1 Medium Vulnerable

AVG-2585 linux 5.15.4.arch4-1 Medium Vulnerable

AVG-2524 linux-hardened 5.14.18.hardened1-1 Medium Vulnerable

AVG-1741 linux-lts 5.10.81-1 Medium Vulnerable

https://www.openwall.com/lists/oss-security/2021/11/25/1
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.5&id=556d59293a2a94863797a7a50890992aa5e8db16

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Vulmon Search

About

Products

Connect