Ubuntu linux kernel shiftfs file system double free vulnerability
CVE-2021-3492

8.8HIGH

Key Information:

Vendor: Ubuntu
Status: Linux Kernel
Vendor: CVE Published:; 15 April 2021

What is CVE-2021-3492?

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.

Affected Version(s)

Linux kernel 5.8 kernel < 5.8.0-50.56

Linux kernel 5.4 kernel < 5.4.0-72.80

References

https://www.openwall.com/lists/oss-security/2021/04/16/2

x_refsource_MISC

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/l...

x_refsource_MISC

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/l...

x_refsource_MISC

EPSS Score

23% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2021
Vulnerability Reserved
Apr 9, 2021

Credit

Vincent Dehors of Synactiv Digital Security