9
CVE-2021-43413
- EPSS 1.91%
- Veröffentlicht 07.11.2021 18:15:07
- Zuletzt bearbeitet 21.11.2024 06:29:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pager port is shared among everyone who mmaps a file, allowing anyone to modify any files that they can read. This can be trivially exploited to get full root access.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.91% | 0.771 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
https://lists.gnu.org/archive/html/bug-hurd/2021-05/msg00079.html
https://lists.gnu.org/archive/html/bug-hurd/2002-11/msg00263.html
https://lists.gnu.org/archive/html/bug-hurd/2005-06/msg00191.html
https://www.mail-archive.com/bug-hurd%40gnu.org/msg32113.html