CVE-2021-3864Improper Access Control in Kernel

CWE-284Improper Access Control6 documents6 sources
Severity
7.0HIGHNVD
EPSS
0.6%
top 31.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linux KernelDebian LinuxRedhat Enterprise Linux
Timeline
PublishedAug 26
Latest updateAug 27

Description

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible ro

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages1 packages

CVEListV5linux/linux_kernelNot Known

Also affects: Debian Linux 10.0, 11.0, Enterprise Linux 6.0, 7.0, 9.0

Patches

Patch: bugzilla.redhat.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-9682-f2fr-3h46: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants2022-08-27
OSV
CVE-2021-3864: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants2022-08-26
CVEList
CVE-2021-3864: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants2022-08-26

📋Vendor Advisories

2
Red Hat
kernel: descendant's dumpable setting with certain SUID binaries2021-10-20
Debian
CVE-2021-3864: linux - A flaw was found in the way the dumpable flag setting was handled when certain S...2021
CVE-2021-3864 — Improper Access Control in Linux Kernel | cvebase