Rewterz Threat Advisory – CVE-2021-24002 – Mozilla Firefox command execution
April 20, 2021Rewterz Threat Alert – XCSSET Mac Malware adapts to target macOS 11 and M1-based Macs – IOCs
April 20, 2021Rewterz Threat Advisory – CVE-2021-24002 – Mozilla Firefox command execution
April 20, 2021Rewterz Threat Alert – XCSSET Mac Malware adapts to target macOS 11 and M1-based Macs – IOCs
April 20, 2021Severity
Medium
Analysis Summary
CVE-2021-29155
By executing a specially-crafted program, an attacker could exploit this vulnerability to obtain sensitive information from the kernel memory, and use this information to launch further attacks against the affected system. Linux Kernel could allow a local authenticated attacker to obtain sensitive information.
CVE-2021-23133
By sending a specially-crafted request, an <authenticated> attacker could exploit this vulnerability to gain elevated privileges. Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system.
Impact
- Unauthorized Access
- Attain Information
Affected Vendors
Linux
Affected Products
- Linux Kernel 5.11
- Linux Kernel
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.