CVE-2021-26708

Published: 05/02/2021 Updated: 09/11/2023
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 617
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

A local privilege escalation exists in the Linux kernel prior to 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.

Vulnerable Product

linux linux kernel

netapp cloud backup -

netapp fas baseboard management controller -

netapp aff baseboard management controller -

netapp solidfire & hci management node -

netapp solidfire baseboard management controller -

netapp baseboard management controller 500f firmware

netapp baseboard management controller a250 firmware

netapp hci h410c firmware -

Vendor Advisories

A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support ...

Mailing Lists

Hello! I published a detailed article about exploiting CVE-2021-26708 in AF_VSOCK implementation: a13xp0p0v.github.io/2021/02/09/CVE-2021-26708.html In this article I describe how to gain local privilege escalation on Fedora 33 Server for x86_64, bypassing SMEP and SMAP. The race condition may cause write-after-free of a 4-byte controlle ...
Hi all, Now that the discoverers of this bug (CVE-2022-0185) have published their exploit and writeup (twitter.com/cor_ctf/status/1486022971034529794), here is the exploit I wrote (attached) and a short writeup: # Exploiting CVE-2022-0185: A Linux kernel slab out-of-bounds write. Last week, a newly discovered vulnerability was announced ...
On February 5, 2021 12:43:31 AM GMT+03:00, Alexander Popov <alexpopov () linux com> wrote: CVE-2021-26708 is assigned to these issues: nvd.nist.gov/vuln/detail/CVE-2021-26708 Best regards, Alexander ...

Github Repositories

kernel-4.4.167expSEHDsec

Fedora 34/35 ONLY! will not work on Fedora 39 01-03-2022 a host of more drivers have been enabled for SPI programming, UART, GPIO programming (programmers), enabled more legacy gamepad joystick drivers for legacy video game consoles, (NES, SNES, TURBGFX64, PS1, PS2) attempted to add more stability with mobile systems to release the usb keyboard with encrypted filesystems for

Project Vault Range PoC: Know your enemy and yourself to build better defense-in-depth solution!

HardenedVault will share some of technical experience we gained during the daily work of building open source based security solution for platform/infrastructure, e.g. Linux kernel, firmware and cryptography engineering. Any contributors are welcomed as well! Proof o

Investigating the bug behind CVE-2021-26708

vsock_poc: Investigating the bug behind CVE-2021-26708. This repo contains a small writeup about CVE-2021-26708, and how this bug can be turned into a Use After Free write primitive. The PoC here is not a full exploit, but just my harness I used when trying to investigate this bug. It can successfully use an entry from the kmalloc-64 cache after it is freed, but doesn't hav
