Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:33469
HistoryDec 28, 2021 - 10:08 a.m.

Privilege Escalation

2021-12-2810:08:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
26

EPSS

0

Percentile

5.1%

linux-azure:hirsute is vulnerable to privilege escalation. aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c allows an attacker to access the Aspeed LPC control interface and to overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes.