Use-After-Free Vulnerability in Linux Kernel's cgroup v1 Parser

Use-After-Free Vulnerability in Linux Kernel's cgroup v1 Parser

CVE-2021-4154 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.