Main Vulnerability Database SB2021052744

SB2021052744 - Exposure of resource to wrong sphere in Linux kernel

Published: May 27, 2021

Security Bulletin ID SB2021052744

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Exposure of resource to wrong sphere (CVE-ID: CVE-2008-2544)

The vulnerability allows a local user to manipulate data.

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

Remediation

Install update from vendor's website.

References

https://bugzilla.redhat.com/show_bug.cgi?id=213135