
Rewterz Threat Advisory – CVE-2021-41073 – Linux Kernel loop_rw_iter in fs/io_uring.c Vulnerability

Severity

High

Analysis Summary

CVE-2021-41073

The Linux kernel could allow a local attacker to gain elevated privileges on the system because of an error in loop_rw_iter in fs/io_uring.c. An attacker could exploit this vulnerability by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer.

Impact

  • Privilege Escalation

Affected Vendors

  • Linux

Affected Products

  • Linux Kernel 5.10
  • Linux Kernel 5.10.4
  • Linux Kernel 5.10.11
  • Linux Kernel 5.11.3
  • Linux Kernel 5.11.6
  • Linux Kernel 5.11.8
  • Linux Kernel 5.11
  • Linux Kernel 5.11.10
  • Linux Kernel 5.11.2
  • Linux Kernel 5.11.11
  • Linux Kernel 5.12.0-rc3
  • Linux Kernel 5.12
  • Linux Kernel 5.12.2
  • Linux Kernel 5.13.0-rc2
  • Linux Kernel 5.12.10
  • Linux Kernel 5.12.11
  • Linux Kernel 5.13-rc6
  • Linux Kernel 5.13.4
  • Linux Kernel 5.13.7
  • Linux Kernel 5.14-rc2
  • Linux Kernel 5.13
  • Linux Kernel 5.14-rc6
  • Linux Kernel 5.14-rc4
  • Linux Kernel 5.13.13
  • Linux Kernel 5.14
  • Linux Kernel 5.14.6

Remediation

Refer to Linux Kernel for patch, upgrade or suggested workaround information.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc
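
For triage, a host's kernel release can be compared against the Affected Products list above. The script below is an added example, not code from the advisory or the kernel project; the function names `normalize`, `is_listed` and `report` are hypothetical, and the version list is copied from this page. A match or a miss is only a triage signal, since distribution kernels backport fixes and the list names specific versions rather than a range.

```shell
#!/bin/sh
# Added example: compare a kernel release string with the versions this
# advisory lists as affected by CVE-2021-41073.

# Versions copied from the advisory's "Affected Products" list.
AFFECTED="5.10 5.10.4 5.10.11 5.11.3 5.11.6 5.11.8 5.11 5.11.10 5.11.2
5.11.11 5.12.0-rc3 5.12 5.12.2 5.13.0-rc2 5.12.10 5.12.11 5.13-rc6 5.13.4
5.13.7 5.14-rc2 5.13 5.14-rc6 5.14-rc4 5.13.13 5.14 5.14.6"

# normalize RELEASE: reduce to MAJOR.MINOR.PATCH[-rcN], so the advisory's
# "5.13-rc6" and a running "5.13.0-rc6+" compare equal and distro suffixes
# such as "-200.fc34.x86_64" are dropped. Returns 1 if nothing parses.
normalize() {
    nv=$(printf '%s\n' "$1" |
        sed -nE 's/^([0-9]+\.[0-9]+(\.[0-9]+)?(-rc[0-9]+)?).*$/\1/p')
    [ -n "$nv" ] || return 1
    case $nv in
        *.*.*) ;;                                   # patch level present
        *-rc*) nv="${nv%%-rc*}.0-rc${nv##*-rc}" ;;  # 5.13-rc6 -> 5.13.0-rc6
        *)     nv="$nv.0" ;;                        # 5.14 -> 5.14.0
    esac
    printf '%s\n' "$nv"
}

# is_listed RELEASE: 0 = listed as affected, 1 = not listed, 2 = unparseable.
is_listed() {
    want=$(normalize "$1") || return 2
    for a in $AFFECTED; do
        if [ "$(normalize "$a")" = "$want" ]; then return 0; fi
    done
    return 1
}

# report RELEASE: print one triage line; always returns 0.
report() {
    is_listed "$1" && st=0 || st=$?
    case $st in
        0) echo "$1: listed as affected; confirm the commit under Remediation is applied" ;;
        1) echo "$1: not in the advisory list; check the vendor changelog for the fix" ;;
        *) echo "$1: could not parse a kernel version" ;;
    esac
}

# Check the release given as the first argument, or the running kernel.
report "${1:-$(uname -r)}"
```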