Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:31584
HistoryAug 12, 2021 - 3:28 p.m.

Privilege Escalation

2021-08-1215:28:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
24

0.001 Low

EPSS

Percentile

33.4%

kernel is vulnerable to privilege escalation. The vulnerability exists due to a race condition in the SCTP sockets net/sctp/socket.c which allows an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.

References