"Researchers Flag 7-Year-Old Privilege Escalation Flaw in Linux Kernel (CVE-2021-33909)"
Security researchers at Qualys have discovered a vulnerability (CVE-2021-33909) in the Linux kernel’s filesystem layer that may allow local, unprivileged attackers to gain root privileges on a vulnerable host. The researchers were able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely vulnerable and probably exploitable, the researchers stated.

The researchers also flagged CVE-2021-33910, a closely related systemd vulnerability that could lead to a denial-of-service condition. Both flaws stem from the incorrect handling of long path names.

The first vulnerability (CVE-2021-33909) is an attack against the Linux kernel. The researchers stated that an unprivileged local attacker can exploit this vulnerability by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB. A successful attack results in privilege escalation.

The second vulnerability (CVE-2021-33910) is an attack against systemd (the system and service manager) and requires a local attacker with the ability to mount a filesystem with a long path. This attack causes systemd, the services it manages, and the entire system to crash and stop responding.