A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
2022-09-01T21:15:09.057
2024-11-21T06:41:20.517
Modified
CVSSv3.1: 7.0 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | linux | linux_kernel | < 3.3 | Yes |
| Operating System | linux | linux_kernel | < 3.17 | Yes |
| Operating System | linux | linux_kernel | < 3.19 | Yes |
| Operating System | linux | linux_kernel | < 4.9.316 | Yes |
| Operating System | linux | linux_kernel | < 4.14.281 | Yes |
| Operating System | linux | linux_kernel | < 4.19.245 | Yes |
| Operating System | linux | linux_kernel | < 5.4.196 | Yes |
| Operating System | linux | linux_kernel | < 5.10.118 | Yes |
| Operating System | linux | linux_kernel | < 5.15.42 | Yes |
| Operating System | linux | linux_kernel | < 5.17.10 | Yes |
| Application | netapp | hci_baseboard_management_controller | h300s | Yes |
| Application | netapp | hci_baseboard_management_controller | h410s | Yes |
| Application | netapp | hci_baseboard_management_controller | h500s | Yes |
| Application | netapp | hci_baseboard_management_controller | h700s | Yes |