CVE-2021-3982
N/A
N/A
Summary
Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | gnome-shell | gnome-shell downstream versions using CAP_SYS_NICE | affected |
Weaknesses
- CWE-273: CWE-273
ADP Enrichment
CVE Program Container
Additional References
- https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2284
- https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2060
References
- https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2284
- https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2060
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.