PT-2021-1512 · Linux+5 · Linux Kernel+5

Published: 2021-03-15 · Updated: 2023-02-24 · CVE-2021-28375

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.11.6

Description

An issue was discovered in the Linux kernel where the fastrpc_internal_invoke function in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. The issue is related to a problem with insecure privilege management.

Recommendations

For Linux kernel versions prior to 5.11.6, consider disabling the fastrpc_internal_invoke function as a temporary workaround until a patch is available. Restrict access to the drivers/misc/fastrpc.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Missing Authorization
Improper Privilege Management

Related Identifiers

ALT-PU-2021-1525
ALT-PU-2021-1530
ALT-PU-2021-1539
ALT-PU-2021-1554
ALT-PU-2021-1555
ALT-PU-2021-1563
ALT-PU-2021-1616
ALT-PU-2021-1618
ALT-PU-2021-1862
ALT-PU-2021-1866
ALT-PU-2021-1869
ASB-A-183188047
AZL-6535
BDU:2021-04833
CVE-2021-28375
MGASA-2021-0151
MGASA-2021-0152
OPENSUSE-SU-2021:0532-1
OPENSUSE-SU-2021:0758-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0532-1
OPENSUSE-SU-2021_0758-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
SUSE-SU-2021:1177-1
SUSE-SU-2021:1211-1
SUSE-SU-2021:1238-1
SUSE-SU-2021:1625-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
USN-4911-1
USN-4945-1
USN-4945-2
USN-4947-1
USN-4949-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Suse
Ubuntu