7.2
CVSSv2

CVE-2021-41073

Published: 19/09/2021 Updated: 14/10/2021
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 up to and including 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

debian debian linux 10.0

Vendor Advisories

A flaw was found in loop_rw_iter in fs/io_uringc in the Linux kernel This problem gives the ability to a local user with a normal user privilege to free a user-defined kernel space buffer ...
loop_rw_iter in fs/io_uringc in the Linux kernel through 5146 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/&lt;pid&gt;/maps for exploitation ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2020-3702 A flaw was found in the driver for Atheros IEEE 80211n family of chipsets (ath9k) allowing information disclosure CVE-2020-16119 Hadar Manor reported a use-after-free in the D ...

Mailing Lists

Hi, I'm writing to disclose a Linux Kernel vulnerability I found in the io_uring subsystem The vulnerability is in fs/io_uringc at loop_rw_iter It is a controllable kernel buffer free Most files implement the file op function read_iter However, if they don't (such as a procfs file like /proc/&lt;pid&gt;/maps), loop_rw_iter is called to manu ...

Github Repositories

CVE-2021-41073 Exploit loop_rw_iter in fs/io_uringc in the Linux kernel 510 through 5146 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation Windows Binary PoC /CVE-2021-41073exe will run the exploit /CVE-2021-41073exe -t Target IP /CVE-2021-41073exe -t w