Download page ISN 2021-04: IGEL OS Kernel Privilege Escalation.
ISN 2021-04: IGEL OS Kernel Privilege Escalation
Announced 23 July 2021
Updated 23 September 2021 (IGEL OS 11.06.100 is now available)
CVSS 3.1 Score: 7.8 (High)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
A local privilege escalation vulnerability affects the following IGEL products:
IGEL OS 11
IGEL OS 10
Details
A research team from Qualys has discovered a vulnerability in the Linux kernel’s filesystem layer (CVE-2021-33909). An unprivileged local user can use it to gain root privileges.