CVE-2021-42008 – Linux Foundation / Linux kernel – Out-of-bounds write

December 10, 2021

CVE-2021-42008 is an out-of-bounds write vulnerability impacting Linux kernel versions 5.13.12 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk-through demo of an exploit was shared via YouTube.

Summary:

CVE-2021-42008 is an out-of-bounds write vulnerability impacting Linux kernel versions 5.13.12 and earlier. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk-through demo of an exploit was shared via YouTube.

PoC Links(if available):

YouTube: Privilege escalation on latest Ubuntu kernel –
https://www.youtube.com/watch?v=d5f9xLK8Vhw&ab_channel=zhandai

Known Counter Measures:

The Linux Foundation addressed the vulnerability in Linux kernel versions 5.13.13.

Links to patches(if available)

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13

You may have missed

image

[MEOW] – Ransomware Victim: Cottles Asphalt Maintenance Inc

November 14, 2024
image

[MEOW] – Ransomware Victim: Karl Malone Toyota

November 14, 2024
image

[MEOW] – Ransomware Victim: Pine Belt Cars

November 14, 2024
image

[MEOW] – Ransomware Victim: J[.]S[.]T[.] Espana

November 14, 2024
image

[MEOW] – Ransomware Victim: Herron Todd White

November 14, 2024