Rewterz Threat Advisory – New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
February 4, 2021Rewterz Threat Alert – Vidar Malware
February 8, 2021Rewterz Threat Advisory – New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
February 4, 2021Rewterz Threat Alert – Vidar Malware
February 8, 2021Severity
High
Analysis Summary
CVE-2021-26708
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by multiple race conditions in the AF_VSOCK implementation due to wrong locking in net/vmw_vsock/af_vsock.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
Gain Privileges
Affected Vendors
Linux
Affected Products
Linux Kernel 5.10
Remediation
Upgrade to the latest version of Linux Kernel (5.10.13 or later).