Security Weekly Podcast Network (Video)

Sequoia: A Local Privilege Escalation Vulnerability in Linux's Filesystem Layer - Wheel - PSW #707

Aug 21, 2021

45:00

forum

Ask episode

view_agenda

Chapters

auto_awesome

Transcript

info_circle

Episode notes

The Qualys Research Team discovered a size_t-to-int type conversion vulnerability in the Linux Kernel's filesystem layer affecting most Linux operating systems. Any unprivileged user can gain root privileges on a vulnerable host by exploiting this vulnerability in a default configuration. Successful exploitation of this vulnerability allows any unprivileged user to gain root privileges on the vulnerable host. Qualys security researchers have been able to independently verify the vulnerability, develop an exploit, and obtain full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation. Other Linux distributions are likely vulnerable and probably exploitable.

Segment Resources:

https://blog.qualys.com/vulnerabilities-threat-research/2021/07/20/sequoia-a-local-privilege-escalation-vulnerability-in-linuxs-filesystem-layer-cve-2021-33909

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw707

Home Top podcasts Popular guests Top books