CVE-2021-4154
moderate-risk
Published 2022-02-04
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
Do I need to act?
-
0.84% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
LOCAL
/ LOW complexity
Affected Products (11)
References (8)
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2034514
Third Party Advisory
https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220225-0004/
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2034514
Third Party Advisory
https://cloud.google.com/anthos/clusters/docs/security-bulletins#gcp-2022-002
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220225-0004/
46
/ 100
moderate-risk
Severity
27/34 · High
Exploitability
3/34 · Minimal
Exposure
16/34 · Moderate