Lucene search

K
zdiNassim AsrirZDI-24-020
HistoryJan 09, 2024 - 12:00 a.m.

Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability

2024-01-0900:00:00
Nassim Asrir
www.zerodayinitiative.com
204
vulnerability
local attackers
arbitrary code
linux kernel
privilege escalation
race condition
gsm multiplexing

AI Score

7.5

Confidence

High

EPSS

0

Percentile

10.1%

This vulnerability allows local attackers to execute arbitrary code on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the n_gsm driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.