loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 up to and including 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
debian debian linux 10.0 |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |
||
netapp cloud backup - |
||
netapp solidfire baseboard management controller - |
||
netapp h410c_firmware - |
||
netapp h300s_firmware - |
||
netapp h500s_firmware - |
||
netapp h700s_firmware - |
||
netapp h300e_firmware - |
||
netapp h500e_firmware - |
||
netapp h700e_firmware - |
||
netapp h410s_firmware - |