PT-2021-23840 · Gnu · Gnu Hurd

Sergey Bugaev

Published

2021-11-07

Updated

2021-11-09

CVE-2021-43413

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GNU Hurd versions prior to 0.9 20210404-9

Description An issue was discovered that allows anyone to modify any files they can read, potentially leading to full root access. This is because a single pager port is shared among all users who mmap a file.

Recommendations For GNU Hurd versions prior to 0.9 20210404-9, update to version 0.9 20210404-9 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-43413

Affected Products

Gnu Hurd

PT-2021-23840 · Gnu · Gnu Hurd

CVE-2021-43413

Related Identifiers

Affected Products

References · 6