Seccomp Permissions Bypass in Linux Kernel (CVE-2021-33909)

Seccomp Permissions Bypass in Linux Kernel (CVE-2021-33909)

CVE-2022-30594 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.