NA

CVE-2021-33909

Published: 20/07/2021 Updated: 26/07/2021

Vulnerability Summary

fs/seq_file.c in the Linux kernel 3.16 up to and including 5.13.x prior to 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-36311 A flaw was discovered in the KVM subsystem for AMD CPUs, allowing an attacker to cause a denial of service by triggering destruction of a large SEV VM CVE-2021-3609 Norber ...
Arch Linux Security Advisory ASA-202107-48 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux Type : privilege escalation Remote : No Link : securityarchlinuxorg/AVG-2181 Summary ======= The package linux before version 5134arch1- ...
Arch Linux Security Advisory ASA-202107-50 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-hardened Type : privilege escalation Remote : No Link : securityarchlinuxorg/AVG-2183 Summary ======= The package linux-hardened before ver ...
Arch Linux Security Advisory ASA-202107-51 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-lts Type : privilege escalation Remote : No Link : securityarchlinuxorg/AVG-2184 Summary ======= The package linux-lts before version 510 ...
Arch Linux Security Advisory ASA-202107-49 ========================================== Severity: High Date : 2021-07-21 CVE-ID : CVE-2021-3609 CVE-2021-3612 CVE-2021-33909 Package : linux-zen Type : privilege escalation Remote : No Link : securityarchlinuxorg/AVG-2182 Summary ======= The package linux-zen before version 513 ...
Severity Unknown Remote Unknown Type Unknown Description AVG-1879 linux 5131arch1-1 Medium Vulnerable ...

Mailing Lists

Hi all, A few people have asked us how we discovered CVE-2021-33909 (size_t-to-int conversion vulnerability in Linux's filesystem layer): - We were reading (not auditing) the kernel code that generates some of the files in /proc/pid We eventually reached seq_read_iter() and noticed the "while (1) { m->size <<= 1 }" - We im ...
Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel ...
Qualys Security Advisory Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) ======================================================================== Contents ======================================================================== Summary Analysis Exploitation overview Exploitation details Mitigations Acknowledgments Timeline = ...
Qualys Security Advisory CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1) ======================================================================== Contents ======================================================================== Summary Analysis Proof of concept Acknowledgments Timeline ================================= ...

Github Repositories

LinuxVulnerabilities Sequoia Local Priv Escalation - LPE security flaw CVE-2021-33909 (wwwqualyscom/2021/07/20/cve-2021-33909/sequoia-local-privilege-escalation-linuxtxt) wwwbleepingcomputercom/news/security/new-linux-kernel-bug-lets-you-get-root-on-most-modern-distros/

Sequoia (CVE-2021-33909) Building gcc exploitc -o exploit Running chmod +x exploit /exploit One-Liner gcc exploitc -o exploit;chmod +x exploit;/exploit Credits blogqualyscom/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escala

Sequoia (CVE-2021-33909) Building gcc exploitc -o exploit Running chmod +x exploit /exploit One-Liner gcc exploitc -o exploit;chmod +x exploit;/exploit Credits blogqualyscom/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escala

cve-2021-33909 This module fixes an issue in the kernels filesystem layer (CVE-2021-33909) by kprobe-replacing vulnerable functions during runtime

CVE-2021-33909 Exploit code for CVE-2021-33909,Just a dump of removed githubcom/AmIAHuman/ repo Sequoia (CVE-2021-33909) Building gcc exploitc -o exploit Running "mkdir dir;/exploit $(pwd)/dir" chmod +x exploit /exploit One-Liner gcc exploitc -o exploit;chmod +x exploit;/exploit Credits blogqualyscom/vulnerabilities-threat-research/2021/07/20/

RHEL 8 Kickstarts Kickstart files for RHEL 8 and Red Hat family distributions (eg CentOS Stream, Rocky Linux, Alma Linux) This repo is part of my Kickstart My Heart project, where I maintain automated installations for a variety of operating systems Links Main Repo: gitlabcom/kickstart-my-heart/rhel8 Compiled Packages: gitlabcom/kickstart-my-heart/rhel8/

Recent Articles

New Linux kernel bug lets you get root on most modern distros
BleepingComputer • Sergiu Gatlan • 20 Jul 2021

Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices.
As discovered by Qualys researchers, the LPE security flaw tracked as CVE-2021-33909 (
) is present in the filesystem layer used to manage user data, a feature universally used by all major (Linux) operating systems.
According to Qualys' research, the vulnerability impacts all Linux...