Severity
Medium
Analysis Summary
CVE-2021-34866
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a type confusion flaw in the handling of eBPF programs. By executing a specially-crafted eBPF program, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of the kernel.
Impact
- Privilege Escalation
Affected Vendors
- Linux
Affected Products
- Linux Kernel 5.13
Remediation
Upgrade to the latest version of Linux Kernel, available from the Linux Kernel Web site.