CVE-2021-3864

Published: 26/08/2022 Updated: 12/02/2023
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 0

Vulnerability Summary

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed their descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with an eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges.
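The summary makes a relative core_pattern the condition under which the dump lands in the current directory. As an added example (not part of the advisory or of the repositories listed on this page), the shell functions below classify a core_pattern value and audit sysctl.conf-style text for assignments that set a relative one; the function names and the sample configuration are constructed for illustration.

```shell
# Added example: flag kernel.core_pattern values that make the kernel write
# core files relative to the crashing process's current directory.

# classify_core_pattern VALUE -> prints pipe | absolute | relative | empty
classify_core_pattern() {
    case "$1" in
        '')   echo empty ;;      # nothing to classify
        '|'*) echo pipe ;;       # dump is piped to a user-space handler
        /*)   echo absolute ;;   # dump goes to a fixed path
        *)    echo relative ;;   # dump lands in the process's cwd
    esac
}

# audit_sysctl_conf: read sysctl.conf-style text on stdin and print
# "<class> <value>" for every kernel.core_pattern assignment found.
audit_sysctl_conf() {
    while IFS= read -r line || [ -n "$line" ]; do
        # strip leading whitespace and the optional "-" (ignore-errors) prefix
        line=$(printf '%s\n' "$line" | sed -e 's/^[[:space:]]*//' -e 's/^-//')
        case "$line" in
            '#'*|';'*|'') continue ;;   # comment or blank line
        esac
        key=$(printf '%s\n' "$line" | sed -e 's/[[:space:]]*=.*$//' | tr '/' '.')
        [ "$key" = "kernel.core_pattern" ] || continue
        val=$(printf '%s\n' "$line" | sed -e 's/^[^=]*=[[:space:]]*//' -e 's/[[:space:]]*$//')
        printf '%s %s\n' "$(classify_core_pattern "$val")" "$val"
    done
}

# Constructed sample configuration (not taken from any real host).
SAMPLE_CONF='# crash handling
kernel.core_pattern = core
-kernel/core_pattern=|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h
; kernel.core_pattern = disabled-comment
kernel.core_pattern=/var/crash/core.%e.%p
fs.suid_dumpable = 0'

audit_sample() { printf '%s\n' "$SAMPLE_CONF" | audit_sysctl_conf; }

# Live check: only runs where the procfs entry is readable.
audit_running_kernel() {
    [ -r /proc/sys/kernel/core_pattern ] || return 0
    classify_core_pattern "$(cat /proc/sys/kernel/core_pattern)"
}

audit_sample
audit_running_kernel
```

To audit a host's persisted settings, pipe the contents of /etc/sysctl.conf and /etc/sysctl.d/*.conf into audit_sysctl_conf and look for lines beginning with "relative".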

Vulnerable Product

linux linux kernel -

debian debian linux 10.0

debian debian linux 11.0

redhat enterprise linux 7.0

redhat enterprise linux 6.0

redhat enterprise linux 9.0

Github Repositories

Test for cve-2021-3864

Test for CVE-2021-3864

How to run

create a user
echo <username> ALL= path/to/gen-core >> /etc/sudoers
sysctl kernel.core_pattern=core
./cve-2021-3864

It should generate a core file in /etc/logrotate.d

A simple, lightweight vulnerability scanner that reports if CVEs are present in the CISA KEV database.

exploitlens

Checking for the presence of CVEs in the CISA KEV database is useful for choosing which vulnerabilities to prioritize for remediation. Uses Grype to perform the scan.

Usage

Build from source: make build

Scan a container image