Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2021-43411

HistoryNov 07, 2021 - 6:15 p.m.

CVE-2021-43411

2021-11-0718:15:07

Debian Security Bug Tracker

security-tracker.debian.org

gnu hurd

setuid executable

full root access

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.1%

JSON

An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there’s a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access.

OSVersionArchitecturePackageVersionFilename
Debian999allhurd< 1:0.9.git20210404-9hurd_1:0.9.git20210404-9_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	999	all	hurd	< 1:0.9.git20210404-9	hurd_1:0.9.git20210404-9_all.deb

CVSS2

8.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.003

Percentile

71.1%

JSON

Related for DEBIANCVE:CVE-2021-43411