PT-2021-7327 · Linux+9 · Linux Kernel+9

Published: 2021-11-25 · Updated: 2023-08-14 · CVE-2021-4002

CVSS v3.1: 4.4 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A memory leak flaw was found in the Linux kernel's hugetlbfs memory usage. It occurs when a user maps some regions of memory twice using the shmget() function, with the regions aligned to PUD alignment and some of the memory pages faulted in. This issue could allow a local user to get unauthorized access to some data. The flaw is related to the shmget() function and the double mapping of PUD-aligned memory regions, which could enable an attacker to access confidential data and compromise its integrity.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

Related Identifiers

ALSA-2022:1988
ALT-PU-2022-1175
ALT-PU-2022-1647
ALT-PU-2022-2155
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
AZL-8995
BDU:2022-05692
CESA-2022_1975
CESA-2022_1988
CVE-2021-4002
DLA-2940-1
DLA-2941-1
DSA-5096-1
LSN-0083-1
MGASA-2021-0538
MGASA-2021-0539
OESA-2021-1475
OPENSUSE-SU-2022:0056-1
OPENSUSE-SU-2022:0131-1
OPENSUSE-SU-2022:0366-1
OPENSUSE-SU-2022_0056-1
OPENSUSE-SU-2022_0131-1
OPENSUSE-SU-2022_0366-1
RHSA-2022:1975
RHSA-2022:1988
RHSA-2022_1975
RHSA-2022_1988
RLSA-2022:1975
RLSA-2022:1988
SUSE-SU-2022:0056-1
SUSE-SU-2022:0068-1
SUSE-SU-2022:0079-1
SUSE-SU-2022:0080-1
SUSE-SU-2022:0090-1
SUSE-SU-2022:0131-1
SUSE-SU-2022:0181-1
SUSE-SU-2022:0197-1
SUSE-SU-2022:0362-1
SUSE-SU-2022:0366-1
SUSE-SU-2022:0367-1
SUSE-SU-2022:0371-1
SUSE-SU-2022:0477-1
USN-5206-1
USN-5207-1
USN-5208-1
USN-5209-1
USN-5210-1
USN-5210-2
USN-5211-1
USN-5218-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu