News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Sequoia: A deep root in Linux’s filesystem layer (CVE-2021-33909)

    Home Forums AskWoody support Non-Windows operating systems Linux – all distros Sequoia: A deep root in Linux’s filesystem layer (CVE-2021-33909)

    Viewing 1 reply thread
    • Author
      • #2379417
        AskWoody Plus


        We discovered a size_t-to-int conversion vulnerability in the Linux
        kernel’s filesystem layer: by creating, mounting, and deleting a deep
        directory structure whose total path length exceeds 1GB, an unprivileged
        local attacker can write the 10-byte string “//deleted” to an offset of
        exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer.

        We successfully exploited this uncontrolled out-of-bounds write, and
        obtained full root privileges on default installations of Ubuntu 20.04,
        Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other
        Linux distributions are certainly vulnerable, and probably exploitable.
        Our exploit requires approximately 5GB of memory and 1M inodes; we will
        publish it in the near future. A basic proof of concept (a crasher) is
        attached to this advisory and is available at:

        To the best of our knowledge, this vulnerability was introduced in July
        2014 (Linux 3.16) by commit 058504ed (“fs/seq_file: fallback to vmalloc

      • #2379432
        AskWoody MVP

        Which is why all Linux distributions were advised to update.
        See security-update-for-linux-distros
        keep up! ๐Ÿ˜›

        | Quality over Quantity |
        1 user thanked author for this post.
    Viewing 1 reply thread

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Sequoia: A deep root in Linux’s filesystem layer (CVE-2021-33909)

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.