An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
|https://bugs.chromium.org/p/project-zero/issues/detail?id=2229||Exploit Patch Third Party Advisory|
|https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.8||Patch Release Notes Vendor Advisory|
|https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3727a8bac0a9e77c70820655fd8715523ba3db7||Patch Vendor Advisory|
Configuration 1 (hide)