Skip to main content

Improper Check for Dropped Privileges

CVE-2021-3982

Severity Medium
Score 5.5/10

Summary

Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-273 - Improper Check for Dropped Privileges

The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.

References

Advisory Timeline

  • Published