Lucene search

MitreCVE-2021-43411

HistoryNov 07, 2021 - 6:15 p.m.

CVE-2021-43411

2021-11-0718:15:07

CWE-362

mitre

web.nvd.nist.gov

cve-2021-43411

gnu hurd

privilege escalation

setuid

security vulnerability

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.1%

JSON

An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there’s a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access.

Affected configurations

Nvd

Node

gnuhurdRange<0.9.20210404-9

VendorProductVersionCPE
gnuhurd*cpe:2.3:a:gnu:hurd:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gnu	hurd	*	cpe:2.3:a:gnu:hurd::::::::

References

lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html

salsa.debian.org/hurd-team/hurd/-/blob/4d1b079411e2f40576e7b58f9b5b78f733a2beda/debian/patches/0034-proc-Use-UIDs-for-evaluating-permissions.patch

www.mail-archive.com/bug-hurd%40gnu.org/msg32112.html

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.1%

JSON

Related for CVE-2021-43411