Bug 2031928 (CVE-2021-1048) - CVE-2021-1048 kernel: Use After Free in epoll_loop_check_proc() which could result in a local privilege escalation
Keywords:
Status: NEW
Alias: CVE-2021-1048
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2032650 2031929 2031942 2031943 2031944 2031945 2031946 2031947 2031948 2031949 2031950 2031951 2031952 2031953 2031954 2032817
Blocks: 2030656
Reported: 2021-12-13 17:52 UTC by Michael Kaplan
Modified: 2025-04-04 13:51 UTC (History)

Fixed In Version: kernel 5.9 rc4
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Michael Kaplan 2021-12-13 17:52:22 UTC
A use-after-free flaw was found in ep_loop_check_proc in fs/eventpoll.c in the filesystem. This flaw could allow an attacker to crash the system while polling for a file that is already committed to destruction. This vulnerability could lead to a kernel information leak and a privilege escalation problem.

References:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77f4689de17c0887775bb77896f4cc11a39bf848

Comment 1 Michael Kaplan 2021-12-13 17:53:01 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2031929]

Comment 13 Justin M. Forbes 2021-12-16 15:51:16 UTC
This was fixed for Fedora with the 5.8.8 stable kernel updates.

