New Linux kernel bug lets you get root on most modern distros

Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel’s filesystem layer on vulnerable devices.

As discovered by Qualys researchers, the LPE security flaw tracked as CVE-2021-33909 (dubbed Sequoia) is present in the filesystem layer used to manage user data, a feature universally used by all major (Linux) operating systems.

According to Qualys’ research, the vulnerability impacts all Linux kernel versions released since 2014.

Once successfully exploited on a vulnerable system, the attackers get full root privileges on default installations of many modern distributions.

Full article

Scroll to Top