#VU93735 Improper privilege management in Linux kernel - CVE-2021-47491

Cybersecurity Help s.r.o.

Published: 2024-07-03

Vulnerability identifier: #VU93735

Vulnerability risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-47491

CWE-ID: CWE-269

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the hugepage_vma_check() function in mm/khugepaged.c. A local user can read and manipulate data.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
http://git.kernel.org/stable/c/6d67b2a73b8e3a079c355bab3c1aef7d85a044b8
http://git.kernel.org/stable/c/5fcb6fce74ffa614d964667110cf1a516c48c6d9
http://git.kernel.org/stable/c/a4aeaa06d45e90f9b279f0b09de84bd00006e733

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Multiple vulnerabilities in Juniper Secure Analytics (JSA)

Multiple vulnerabilities in IBM Technical Support Appliance

Multiple vulnerabilities in IBM Robotic Process Automation for Cloud Pak

Multiple vulnerabilities in IBM QRadar SIEM

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.13

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.15

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.15 packages

Red Hat Enterprise Linux 8 update for kernel-rt

Red Hat Enterprise Linux 8 update for kernel