Researchers Flag 7-Years-Old Privilege Escalation Flaw in Linux Kernel (CVE-2021-33909)

A vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host has been unearthed by researchers.

“Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely vulnerable and probably exploitable,” said Bharat Jogi, Senior Manager, Vulnerabilities and Signatures, Qualys.