CVE-2021-33909

Published on: 07/20/2021 12:00:00 AM UTC

Last Modified on: 10/18/2021 12:55:00 PM UTC

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Certain versions of Debian Linux from Debian contain the following vulnerability:

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

  • CVE-2021-33909 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 7.2 - HIGH

Access
Vector
Access
Complexity
Authentication
LOCAL LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
COMPLETE COMPLETE COMPLETE

CVE References

Description Tags Link
Sequoia: A Deep Root In Linux's Filesystem Layer ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html
[SECURITY] [DLA 2713-2] linux security update lists.debian.org
text/html
URL Logo MLIST [debian-lts-announce] 20210720 [SECURITY] [DLA 2713-2] linux security update
[SECURITY] [DLA 2713-1] linux security update lists.debian.org
text/html
URL Logo MLIST [debian-lts-announce] 20210720 [SECURITY] [DLA 2713-1] linux security update
oss-security - Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer www.openwall.com
text/html
URL Logo MLIST [oss-security] 20210825 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer
oss-security - Re: Containers-optimized OS (COS) membership in the linux-distros list www.openwall.com
text/html
URL Logo MLIST [oss-security] 20210920 Re: Containers-optimized OS (COS) membership in the linux-distros list
Kernel Live Patch Security Notice LSN-0081-1 ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html
oss-security - Re: Containers-optimized OS (COS) membership in the linux-distros list www.openwall.com
text/html
URL Logo MLIST [oss-security] 20210917 Re: Containers-optimized OS (COS) membership in the linux-distros list
CVE-2021-33909 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security security.netapp.com
text/html
URL Logo CONFIRM security.netapp.com/advisory/ntap-20210819-0004/
[SECURITY] Fedora 34 Update: kernel-5.13.4-200.fc34 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2021-07dc0b3eb1
Kernel Live Patch Security Notice LSN-0079-1 ≈ Packet Storm Third Party Advisory
packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html
oss-security - Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer www.openwall.com
text/html
URL Logo MLIST [oss-security] 20210722 Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer
oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer www.openwall.com
text/html
URL Logo MISC www.openwall.com/lists/oss-security/2021/07/20/1
Debian -- Security Information -- DSA-4941-1 linux www.debian.org
Depreciated Link
text/html
URL Logo DEBIAN DSA-4941
seq_file: disallow extremely large seq buffer allocations · torvalds/[email protected] · GitHub github.com
text/html
URL Logo CONFIRM github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b
[SECURITY] [DLA 2714-1] linux-4.19 security update lists.debian.org
text/html
URL Logo MLIST [debian-lts-announce] 20210720 [SECURITY] [DLA 2714-1] linux-4.19 security update
oss-security - Containers-optimized OS (COS) membership in the linux-distros list www.openwall.com
text/html
URL Logo MLIST [oss-security] 20210916 Containers-optimized OS (COS) membership in the linux-distros list
cdn.kernel.org
text/plain
URL Logo CONFIRM cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4

Related QID Numbers

  • 159308 Oracle Enterprise Linux Security Update for kernel (ELSA-2021-2714)
  • 159310 Oracle Enterprise Linux Security Update for kernel (ELSA-2021-2725)
  • 159315 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9368)
  • 159316 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9369)
  • 159317 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9370)
  • 159318 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9371)
  • 159319 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9372)
  • 159322 Oracle Enterprise Linux Security Update for kernel (ELSA-2021-9374)
  • 159332 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9395)
  • 159338 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9404)
  • 159339 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9406)
  • 159340 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2021-9407)
  • 159341 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel-container (ELSA-2021-9410)
  • 178710 Debian Security Update for linux (DSA 4941-1)
  • 178712 Debian Security Update for linux (DLA 2713-1)
  • 178713 Debian Security Update for linux-4.19 (DLA 2714-1)
  • 178714 Debian Security Update for linux (DLA 2713-2)
  • 198435 Ubuntu Security Notification for Linux kernel vulnerability (USN-5014-1) (Sequoia)
  • 198436 Ubuntu Security Notification for Linux kernel (OEM) vulnerabilities (USN-5015-1) (Sequoia)
  • 198437 Ubuntu Security Notification for Linux kernel vulnerabilities (USN-5016-1) (Sequoia)
  • 198438 Ubuntu Security Notification for Linux kernel vulnerabilities (USN-5017-1) (Sequoia)
  • 198459 Ubuntu Security Notification for Linux, Linux-aws, Linux-aws-hwe, Linux-azure, Linux-azure-4.15, Linux-gcp, (USN-5018-1)
  • 239495 Red Hat Update for kpatch-patch (RHSA-2021:2727) (Sequoia)
  • 239497 Red Hat Update for kpatch-patch (RHSA-2021:2723) (Sequoia)
  • 239498 Red Hat Update for kernel (RHSA-2021:2722) (Sequoia)
  • 239500 Red Hat Update for kpatch-patch (RHSA-2021:2720) (Sequoia)
  • 239501 Red Hat Update for kernel-rt (RHSA-2021:2719) (Sequoia)
  • 239502 Red Hat Update for kernel (RHSA-2021:2718) (Sequoia)
  • 239504 Red Hat Update for kpatch-patch (RHSA-2021:2716) (Sequoia)
  • 239505 Red Hat Update for kernel-rt (RHSA-2021:2715) (Sequoia)
  • 239506 Red Hat Update for kernel (RHSA-2021:2714) (Sequoia)
  • 239520 Red Hat Update for OpenShift Container Platform 4.7.21 (RHSA-2021:2763)
  • 239521 Red Hat Update for kpatch-patch (RHSA-2021:2729)
  • 239522 Red Hat Update for kernel (RHSA-2021:2728)
  • 239523 Red Hat Update for kernel-rt (RHSA-2021:2726)
  • 239524 Red Hat Update for kernel (RHSA-2021:2725)
  • 257100 CentOS Security Update for kernel (CESA-2021:2725)
  • 281734 Fedora Security Update for kernel (FEDORA-2021-07dc0b3eb1)
  • 352491 Amazon Linux Security Advisory for kernel: ALAS-2021-1524
  • 352493 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-059
  • 352494 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-058
  • 352495 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-057
  • 352496 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-056
  • 352497 Amazon Linux Security Advisory for kernel-livepatch: ALAS2LIVEPATCH-2021-055
  • 352500 Amazon Linux Security Advisory for kernel: ALAS2-2021-1691
  • 352828 Amazon Linux Security Advisory for kernel: ALAC2012-2021-027
  • 352829 Amazon Linux Security Advisory for kmod-sfc: ALAC2012-2021-028
  • 352830 Amazon Linux Security Advisory for kmod-mlx5: ALAC2012-2021-029
  • 352831 Amazon Linux Security Advisory for kernel: ALAC2012-2021-030
  • 352832 Amazon Linux Security Advisory for kmod-sfc: ALAC2012-2021-031
  • 352833 Amazon Linux Security Advisory for kmod-mlx5: ALAC2012-2021-032
  • 375710 Linux Kernel Local Privilege Escalation Vulnerability (Sequoia)
  • 390220 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0025)
  • 390224 Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0023)
  • 670707 EulerOS Security Update for kernel (EulerOS-SA-2021-2465)
  • 670744 EulerOS Security Update for kernel (EulerOS-SA-2021-2502)
  • 670949 EulerOS Security Update for kernel (EulerOS-SA-2021-2570)
  • 671033 EulerOS Security Update for kernel (EulerOS-SA-2021-2569)
  • 671047 EulerOS Security Update for kernel (EulerOS-SA-2021-2588)
  • 730155 McAfee Web Gateway Multiple Vulnerabilities(WP-3580, WP-3656, WP-3815, WP-3878, WP-3882, WP-3934,WP-3935, WP-3936, WP-3999)
  • 750844 SUSE Enterprise Linux Security Update for kernel (SUSE-SU-2021:2407-1)
  • 750847 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2409-1)
  • 750848 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2416-1)(Sequoia)
  • 750851 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2415-1)(Sequoia)
  • 750864 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2421-1)
  • 750868 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2427-1)
  • 750869 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2422-1)
  • 750877 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:2427-1)
  • 750880 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:2451-1)
  • 750887 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:1076-1)
  • 750899 SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (SUSE-SU-2021:2538-1)
  • 751437 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3876-1)
  • 751441 OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3876-1)
  • 900096 CBL-Mariner Linux Security Update for kernel 5.10.52.1
  • 900304 CBL-Mariner Linux Security Update for kernel 5.10.57.1
  • 900319 CBL-Mariner Linux Security Update for kernel 5.10.60.1

Exploit/POC from Github

Sequoia exploit (7/20/21)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
DebianDebian Linux10.0AllAllAll
Operating
System
DebianDebian Linux9.0AllAllAll
Operating
System
FedoraprojectFedora34AllAllAll
Operating
System
LinuxLinux KernelAllAllAllAll
ApplicationNetappHci Management Node-AllAllAll
ApplicationNetappSolidfire-AllAllAll
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*:
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*:
  • cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @shah_sheikh Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909): The Qualys Resear… twitter.com/i/web/status/1… 2021-07-20 12:59:34
Twitter Icon @masami256 oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-20 13:06:27
Twitter Icon @whitequark the use of userfaultfd here to lock the kernel code at copy_from_user is also really neat qualys.com/2021/07/20/cve… 2021-07-20 13:15:38
Twitter Icon @oss_security CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer: Posted by Qualys Security Advisory on Jul… twitter.com/i/web/status/1… 2021-07-20 13:24:32
Twitter Icon @netsecu blog.qualys.com/vulnerabilitie… Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-3… twitter.com/i/web/status/1… 2021-07-20 13:48:09
Twitter Icon @campuscodi New Sequoia bug gives you root access on most Linux systems -CVE-2021-33909 -Patches out today -tested on Ubuntu,… twitter.com/i/web/status/1… 2021-07-20 13:55:26
Twitter Icon @_r_netsec Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-20 13:58:07
Twitter Icon @Myinfosecfeed New post: "Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualy… twitter.com/i/web/status/1… 2021-07-20 13:59:32
Twitter Icon @bortzmeyer Ouh là, CVE-2021-33909 fait mal. Comme disait ma grand-mère, il ne faut pas confondre int et size_t. #Linux 2021-07-20 14:15:54
Twitter Icon @CybrXx0 Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-20 14:25:41
Twitter Icon @LdrTom Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… via @qualys 2021-07-20 14:27:20
Twitter Icon @DarkCisum CVE-2021-33909 or Why type conversions matter (in critical software) openwall.com/lists/oss-secu… 2021-07-20 14:29:55
Twitter Icon @hn_frontpage CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer L: openwall.com/lists/oss-secu… C: news.ycombinator.com/item?id=278931… 2021-07-20 14:42:11
Twitter Icon @hncynic Title: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer ?: Is there a good book on the subj… twitter.com/i/web/status/1… 2021-07-20 14:42:20
Twitter Icon @slpnix "RHSB-2021-006 Long path name in mountpoint flaws in the kernel and systemd (CVE-2021-33909, CVE-2021-33910)" access.redhat.com/security/vulne… 2021-07-20 14:42:35
Twitter Icon @tammeke140674 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer ift.tt/3BlNtOm 4 2021-07-20 14:43:38
Twitter Icon @radoncnotes CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer ift.tt/3BlNtOm 4 2021-07-20 14:45:10
Twitter Icon @HNTweets CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer: openwall.com/lists/oss-secu… Comments: news.ycombinator.com/item?id=278931… 2021-07-20 14:50:02
Twitter Icon @ffaabb Oups ... blog.qualys.com/vulnerabilitie… 2021-07-20 14:53:01
Twitter Icon @notameadow Can we have all pages like this: qualys.com/2021/07/20/cve… 2021-07-20 14:55:30
Twitter Icon @betterhn20 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… (news.ycombinator.com/item?id=278931…) 2021-07-20 14:59:20
Twitter Icon @HackerNewsTop10 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer Link: openwall.com/lists/oss-secu… Comments: news.ycombinator.com/item?id=278931… 2021-07-20 15:06:03
Twitter Icon @qualys Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909): Any unprivileged… twitter.com/i/web/status/1… 2021-07-20 15:11:30
Twitter Icon @hn_frontpage Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) L: qualys.com/2021/07/20/cve… C: news.ycombinator.com/item?id=278943… 2021-07-20 15:13:58
Twitter Icon @radoncnotes Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) ift.tt/3zfYCy9 3 2021-07-20 15:15:08
Twitter Icon @tammeke140674 Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) ift.tt/3zfYCy9 3 2021-07-20 15:18:24
Twitter Icon @HNTweets Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909): qualys.com/2021/07/20/cve… Comments: news.ycombinator.com/item?id=278943… 2021-07-20 15:20:03
Twitter Icon @winsontang Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… 2021-07-20 15:21:08
Twitter Icon @timyardley GOD-level on Linux (oops) -- qualys.com/2021/07/20/cve… 2021-07-20 15:21:35
Twitter Icon @HackerNewsTop10 Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) Link: qualys.com/2021/07/20/cve… Comments: news.ycombinator.com/item?id=278943… 2021-07-20 15:27:13
Twitter Icon @01_security_01 Sequoia: A deep root in Linux’s filesystem layer (CVE-2021-33909) charotarsamachar.com/sequoia-a-deep… 2021-07-20 15:35:04
Twitter Icon @hackernewsj CVE-2021-33909:Linuxのファイルシステムレイヤーにおけるsize_t-to-intの脆弱性 openwall.com/lists/oss-secu… 2021-07-20 15:40:49
Twitter Icon @melihozhan New #Sequoia bug gives you root access on most #Linux systems and tracked as CVE-2021-33909, the new #vulnerability… twitter.com/i/web/status/1… 2021-07-20 15:43:06
Twitter Icon @01_security_01 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-20 15:50:09
Twitter Icon @nixcraft A deep root in Linux's filesystem layer (CVE-2021-33909). A nasty bug that can give full root access since Linux ke… twitter.com/i/web/status/1… 2021-07-20 15:52:00
Twitter Icon @0xdea Sequoia: A deep root in Linux’s filesystem layer (CVE-2021-33909) << @qualys did it again! ✊ qualys.com/2021/07/20/cve… 2021-07-20 15:58:38
Twitter Icon @angsumanch Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… 2021-07-20 16:01:21
Twitter Icon @betterhn50 CVE-2021-33909: size_t-to-int vulnerability in Linux’s filesystem layer openwall.com/lists/oss-secu… (news.ycombinator.com/item?id=278931…) 2021-07-20 16:13:58
Twitter Icon @jedisct1 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-20 16:26:00
Twitter Icon @helpnetsecurity Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - helpnetsecurity.com/2021/07/20/cve… -… twitter.com/i/web/status/1… 2021-07-20 16:26:54
Twitter Icon @AngsumansServer CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-20 16:27:58
Twitter Icon @betterhn20 Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… (news.ycombinator.com/item?id=278943…) 2021-07-20 16:29:24
Twitter Icon @HackerNews100 CVE-2021-33909: size_t-to-int vulnerability in Linux’s filesystem layer openwall.com/lists/oss-secu… 2021-07-20 16:30:06
Twitter Icon @M157q_News_RSS CVE-2021-33909: size_t-to-int vulnerability in Linux’s filesystem layer openwall.com/lists/oss-secu… Article URL:… twitter.com/i/web/status/1… 2021-07-20 16:30:58
Twitter Icon @shah_sheikh Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909): A vulnerability (CVE-2021-… twitter.com/i/web/status/1… 2021-07-20 16:33:35
Twitter Icon @newsyc100 CVE-2021-33909: size_t-to-int vulnerability in Linuxs filesystem layer bit.ly/3zcxIr0 (bit.ly/3xWKsSk) 2021-07-20 16:41:42
Twitter Icon @cipherstorm Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909): A vulnerability (CVE-2021-… twitter.com/i/web/status/1… 2021-07-20 16:50:06
Twitter Icon @DeepFriedCyber Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) dlvr.it/S45Spwtwitter.com/i/web/status/1… 2021-07-20 16:50:07
Twitter Icon @Arktronic Linux kernels have had this lovely vulnerability since 2014... blog.qualys.com/vulnerabilitie… 2021-07-20 16:51:29
Twitter Icon @SofiaITC Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) news.sofiaitc.com/S45T8xtwitter.com/i/web/status/1… 2021-07-20 16:52:34
Twitter Icon @omokazuki SIOSセキュリティブログを更新しました。 QualysによるLinux Kernelの脆弱性(Important: CVE-2021-33909)とSystemdの脆弱性(CVE-2021-33910)に関するアドバイザリ… twitter.com/i/web/status/1… 2021-07-20 17:02:00
Twitter Icon @DadeWilliams Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… 2021-07-20 17:02:54
Twitter Icon @IT_securitynews Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) itsecuritynews.info/researchers-fl… 2021-07-20 17:05:55
Twitter Icon @gzunigah Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) bit.ly/3hRUdvBtwitter.com/i/web/status/1… 2021-07-20 17:09:06
Twitter Icon @yipcw New Linux kernel bug lets you get root on most modern distros LPE security flaw tracked as CVE-2021-33909 (dubbed S… twitter.com/i/web/status/1… 2021-07-20 17:12:25
Twitter Icon @Xc0resecurity Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) dlvr.it/S45XYw 2021-07-20 17:13:33
Twitter Icon @pozdnychev Qualys Security Advisory: Sequoia (CVE-2021-33909) - a size_t to int vulnerability in Linux's FS layer. Any user c… twitter.com/i/web/status/1… 2021-07-20 17:31:50
Twitter Icon @0x74696d qualys.com/2021/07/20/cve… Uh oh, no one tell @paddycarver ? twitter.com/paddycarver/st… 2021-07-20 17:35:09
Twitter Icon @CyberSecDN Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - cybersecdn.com/?p=11068twitter.com/i/web/status/1… 2021-07-20 17:43:45
Twitter Icon @TechSpective Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)… twitter.com/i/web/status/1… 2021-07-20 17:51:16
Twitter Icon @w4yh 緩和策の記述が心許ない // QualysによるLinux Kernelの脆弱性(Important: CVE-2021-33909)とSystemdの脆弱性(CVE-2021-33910)に関するアドバイザリ -… twitter.com/i/web/status/1… 2021-07-20 17:53:41
Twitter Icon @w4yh RHSB-2021-006 Long path name in mountpoint flaws in the kernel and systemd (CVE-2021-33909, CVE-2021-33910) - Red H… twitter.com/i/web/status/1… 2021-07-20 17:56:31
Twitter Icon @newsaxes Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) – Help Net Security newsaxes.com/researchers-fl… 2021-07-20 17:57:08
Twitter Icon @Sec_Cyber Researchers flag 7-years-old privilege escalation flaw in #Linux kernel (CVE-2021-33909) feedproxy.google.com/~r/HelpNetSecu… 2021-07-20 18:00:06
Twitter Icon @Sec_Shell blog.qualys.com/vulnerabilitie… 2021-07-20 18:17:51
Twitter Icon @leoneldicamillo Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) snip.ly/zmynqd 2021-07-20 18:21:01
Twitter Icon @KingNormies news.freeptomaineradio.com/?p=114056 Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) new… twitter.com/i/web/status/1… 2021-07-20 18:26:27
Twitter Icon @hackernewsj セコイア:Linuxのファイルシステムレイヤーの深いルート(CVE-2021-33909) qualys.com/2021/07/20/cve… 2021-07-20 18:32:50
Twitter Icon @betterhn50 Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… (news.ycombinator.com/item?id=278943…) 2021-07-20 18:33:59
Twitter Icon @ubernauten Nach erster Sichtung sind wir für CVE-2021-33909 und CVE-2021-33910 nicht anfällig weil es bei uns kein FUSE gibt:… twitter.com/i/web/status/1… 2021-07-20 18:42:09
Twitter Icon @CVEreport CVE-2021-33909 : fs/seq_file.c in the #Linux #kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict s… twitter.com/i/web/status/1… 2021-07-20 18:46:05
Twitter Icon @ChrisShort Recommended Read: RHSB-2021-006 Long path name in mountpoint flaws in the kernel and systemd (CVE-2021-33909, CVE-2… twitter.com/i/web/status/1… 2021-07-20 18:57:01
Twitter Icon @La_MoeT_DW « Gneugneu y zon hacké le président » alors que t’a des trucs comme ça qui sont publié en ce moment .. qualys.com/2021/07/20/cve… 2021-07-20 18:58:09
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 10 times. twitter.com/_r_netsec/stat… #pow1rtrtwwcve 2021-07-20 19:06:01
Twitter Icon @Whitehead4Jeff Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) helpnetsecurity.com/2021/07/20/cve… 2021-07-20 19:10:30
Twitter Icon @LordKarma42 Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-20 19:44:26
Twitter Icon @KuykendallTod Write up with code: qualys.com/2021/07/20/cve… 2021-07-20 20:06:22
Twitter Icon @jvrmaia CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-20 20:44:49
Twitter Icon @josegarciaor qualys.com/2021/07/20/cve… <--- IMPORTANTE 2021-07-20 20:52:21
Twitter Icon @InfoSecHotSpot Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) twib.in/l/eG9zqbnR46G6 https://t.co/thPamx4mV0 2021-07-20 21:05:24
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 10 times. twitter.com/bortzmeyer/sta… #pow1rtrtwwcve 2021-07-20 21:06:01
Twitter Icon @mgorny_gentoo @Gentoo dist-kernels with CVE-2021-33909 fix pushed into amd64/x86 stable. We'll release/stabilize arm64 and ppc64… twitter.com/i/web/status/1… 2021-07-20 21:08:27
Twitter Icon @cyberreport_io Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - Help Net Security… twitter.com/i/web/status/1… 2021-07-20 21:16:33
Twitter Icon @jhvilas helpnetsecurity.com/2021/07/20/cve… 2021-07-20 21:25:30
Twitter Icon @iximeow learning about cve-2021-33909 and well openwall.com/lists/oss-secu… > by creating, mounting, and deleting a deep direct… twitter.com/i/web/status/1… 2021-07-20 21:56:54
Twitter Icon @hutaro_neko Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) helpnetsecurity.com/2021/07/20/cve… 2021-07-20 21:59:58
Twitter Icon @gaetanoz Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… 2021-07-20 22:11:41
Twitter Icon @matsuu_zatsu QualysによるLinux Kernelの脆弱性(Important: CVE-2021-33909)とSystemdの脆弱性(CVE-2021-33910)に関するアドバイザリ security.sios.com/vulnerability/… 2021-07-20 22:15:35
Twitter Icon @axcheron Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… 2021-07-20 22:59:02
Twitter Icon @SecurityNewsbot Researchers flag 7-years-old privilege escalation #flaw in #Linux kernel (CVE-2021-33909) feedproxy.google.com/~r/HelpNetSecu… #HelpNetSecurity 2021-07-20 23:15:08
Twitter Icon @Ernest_Chang_27 helpnetsecurity.com/2021/07/20/cve… 2021-07-21 00:04:51
Twitter Icon @nicoboettcher Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) buff.ly/3xUuc4q 2021-07-21 00:13:49
Twitter Icon @crlsgms Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) helpnetsecurity.com/2021/07/20/cve… 2021-07-21 00:43:38
Twitter Icon @linuxtoy CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer:一个埋藏了 7 年的 Linux 内核漏洞 ,利用该漏洞非特权攻击者可拿到 root… twitter.com/i/web/status/1… 2021-07-21 01:07:55
Twitter Icon @catnap707 Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-21 02:27:45
Twitter Icon @tabmcleod Another #linuxsecurity advisory arstechnica.com/gadgets/2021/0… helpnetsecurity.com/2021/07/20/cve… 2021-07-21 02:34:03
Twitter Icon @vijaycert Here we go #SequoiaVul - an awesome find by @qualys qualys.com/2021/07/20/cve… 2021-07-21 02:42:13
Twitter Icon @ohhara_shiojiri 「「CVE-2021-33909」の調査を行う過程で「systemd」に関するサービス拒否の脆弱性「CVE-2021-33910」についても発見したとしてあわせて公表している。」 2021-07-21 02:46:43
Twitter Icon @ohhara_shiojiri もしやと思っていたらCVE-2021-33909はあれだったな 2021-07-21 02:47:42
Twitter Icon @mootastic CVE-2021-33909: ものすごく深いディレクトリを作り、パスの長さを1GB以上(!)にすると、size_t から int への変換ミスにより vmallocされたメモリ中に "//deleted" という文字列を書き込む… twitter.com/i/web/status/1… 2021-07-21 03:13:45
Twitter Icon @bamitav Researchers flag 7-years-old privilege escalation flaw in #Linux kernel (CVE-2021-33909) helpnetsecurity.com/2021/07/20/cve…twitter.com/i/web/status/1… 2021-07-21 03:16:18
Twitter Icon @jfut CVE-2021-33909、root 権限奪取可能な脆弱性、修正済みバージョン: RHEL 6: kernel-2.6.32-754.41.2.el6.x86_64.rpm (Extended Lifecycle Support… twitter.com/i/web/status/1… 2021-07-21 03:38:25
Twitter Icon @postmodern_mod3 So about CVE-2021-33909 aka Sequoia, can it be triggered by browser caching or HTTP proxy caching? Is mounting and… twitter.com/i/web/status/1… 2021-07-21 04:04:38
Twitter Icon @netsecu blog.qualys.com/vulnerabilitie… Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-3… twitter.com/i/web/status/1… 2021-07-21 04:13:11
Twitter Icon @mopman Wtf, the CVE-2021-33909 bug itself is whatever, but the exploit is a great read and a bit of a mic drop… twitter.com/i/web/status/1… 2021-07-21 04:16:08
Twitter Icon @minamijoyo “oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer” htn.to/4b41A7y8Xf 2021-07-21 04:53:42
Twitter Icon @DimitriFourny CVE-2021-33909: size_t-to-int vulnerability in Linux: openwall.com/lists/oss-secu… 2021-07-21 05:09:46
Twitter Icon @sutest1101 oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-21 05:24:30
Twitter Icon @kristovatlas Nice sign extension vuln in Linux by Qualys qualys.com/2021/07/20/cve… 2021-07-21 05:27:10
Twitter Icon @helpnetsecurity Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - helpnetsecurity.com/2021/07/20/cve… -… twitter.com/i/web/status/1… 2021-07-21 05:30:09
Twitter Icon @nemesis09 Must be the one time windows and Linux developers are working on something at the same time! blog.qualys.com/vulnerabilitie… 2021-07-21 06:03:12
Twitter Icon @TheHackersNews 2 — Dubbed "Sequoia," the #Linux flaw (CVE-2021-33909) affects all kernel versions from 2014, including default ins… twitter.com/i/web/status/1… 2021-07-21 06:53:46
Twitter Icon @trip_elix "2 — Dubbed "Sequoia," the #Linux flaw (CVE-2021-33909) affects all kernel versions from 2014, including default in… twitter.com/i/web/status/1… 2021-07-21 06:57:37
Twitter Icon @alexjbutcher @UK_Daniel_Card Another day, another vuln: qualys.com/2021/07/20/cve… 2021-07-21 07:01:49
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 101 times. twitter.com/qualys/status/… #pow2rtrtwwcve 2021-07-21 07:06:00
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 13 times. twitter.com/pozdnychev/sta… #pow1rtrtwwcve 2021-07-21 07:06:00
Twitter Icon @Secnewsbytes Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-21 07:25:22
Twitter Icon @M157q_News_RSS Linux核心的檔案系統層有個藏匿了7年的權限擴張漏洞 ithome.com.tw/news/145779 資安業者Qualys本周揭露了一個藏匿在Linux核心檔案系統層的安全漏洞CVE-2021-33909,它是個權限擴張漏洞,可… twitter.com/i/web/status/1… 2021-07-21 07:31:04
Twitter Icon @softek_jp Linux Kernel のファイルシステムの処理に特権を奪われる問題 (CVE-2021-33909) [39550] sid.softek.jp/content/show/3… #SIDfm #脆弱性情報 2021-07-21 07:41:15
Twitter Icon @cyb3rops Exploit code for the Linux PrivEsc vulnerability CVE-2021-33909 #Sequoia is on Github github.com/AmIAHuman/CVE-… 2021-07-21 07:41:24
Twitter Icon @icuknet Following this announcement ubuntu.com/security/CVE-2… - we will be applying critical security patches across many hos… twitter.com/i/web/status/1… 2021-07-21 08:32:39
Twitter Icon @TheCyberSecHub Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) helpnetsecurity.com/2021/07/20/cve… 2021-07-21 08:52:06
Twitter Icon @securespectrums ? ? ? ? Exploit code for the Linux Privilege Escalation vulnerability CVE-2021-33909 #Sequoia is on Github Mitigate… twitter.com/i/web/status/1… 2021-07-21 08:52:54
Twitter Icon @CyberFactsIT Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-21 09:01:37
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 14 times. twitter.com/TheHackersNews… #pow1rtrtwwcve 2021-07-21 09:06:00
Twitter Icon @Cyber_O51NT Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… 2021-07-21 09:06:35
Twitter Icon @numanturle helpnetsecurity.com/2021/07/20/cve… github.com/AmIAHuman/CVE-… 2021-07-21 09:09:37
Twitter Icon @gaetanoz Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… 2021-07-21 09:11:10
Twitter Icon @gaetanoz Exploit code for the Linux PrivEsc vulnerability CVE-2021-33909 #Sequoia github.com/AmIAHuman/CVE-… 2021-07-21 09:12:13
Twitter Icon @Anastasis_King CVE-2021-33909 : A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer PoC exploits they created… twitter.com/i/web/status/1… 2021-07-21 09:18:20
Twitter Icon @_hg8_ "Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)" blog.qualys.com/vulnerabilitie… #cve #exploit 2021-07-21 09:32:21
Twitter Icon @_hg8_ CVE-2021-33909 exploit: github.com/AmIAHuman/CVE-… #exploit #cve #linux 2021-07-21 09:32:53
Twitter Icon @Rootcz Sequoia: lokální eskalace práv CVE-2021-33909 postihuje většinu linuxových distribucí root.cz/zpravicky/sequ… 2021-07-21 09:35:44
Twitter Icon @zakame qualys.com/2021/07/20/cve… plurk.com/p/oh2ngf 2021-07-21 09:39:24
Twitter Icon @bigjsl This is an amazing Linux security hole to be found in 2021. | oss-security - CVE-2021-33909: size_t-to-int vulnerab… twitter.com/i/web/status/1… 2021-07-21 09:57:02
Twitter Icon @stmanfr @ActuSpatiales 2 — Dubbed "Sequoia," the Linux flaw (CVE-2021-33909) affects all kernel versions from 2014, includi… twitter.com/i/web/status/1… 2021-07-21 10:28:19
Twitter Icon @wget42 @MathieuCMN @genma @Arawa_fr @LaMouetteODF En effet :) Mais niveau failles de sécurité, CVE-2021-33909 est beaucoup… twitter.com/i/web/status/1… 2021-07-21 11:48:15
Twitter Icon @netalexx A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… 2021-07-21 12:06:34
Twitter Icon @nemesis09 Also reference to the 7.0 cvss score: access.redhat.com/security/cve/c… 2021-07-21 12:17:33
Twitter Icon @spo_vin blog.qualys.com/vulnerabilitie… @linux_pentester @stokfredrik 2021-07-21 12:22:50
Twitter Icon @hpc_sec Exploit code for CVE-2021-33909, a local privilege escalation vulnerability in Linux's filesystem layer is availabl… twitter.com/i/web/status/1… 2021-07-21 12:23:56
Twitter Icon @hpc_sec As always the @qualys team have a great writeup on their blog: blog.qualys.com/vulnerabilitie… if we have anything HPC spec… twitter.com/i/web/status/1… 2021-07-21 12:28:06
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 104 times. twitter.com/mootastic/stat… #pow2rtrtwwcve 2021-07-21 13:06:00
Twitter Icon @piedpiper1616 GitHub - AmIAHuman/CVE-2021-33909: Sequoia exploit (7/20/21) - github.com/AmIAHuman/CVE-… 2021-07-21 13:44:16
Twitter Icon @c3l3si4n PoC for the latest Linux Privilege Escalation PoC disclosed by Qualys :DD github.com/AmIAHuman/CVE-… 2021-07-21 13:52:35
Twitter Icon @pwnwikiorg CVE-2021-33909 Sequoia Linux Kernel 類型轉換漏洞 (可用於權限提升) short.pwnwiki.org/?c=UJ6Gj7 https://t.co/t6RUxgE095 2021-07-21 13:54:16
Twitter Icon @InfoSecIrvin Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-21 14:13:57
Twitter Icon @chemconsultor ' 2 - Apodada "Sequoia", la falla de Linux (CVE-2021-33909) afecta a todas las versiones del kernel de 2014, inclu… twitter.com/i/web/status/1… 2021-07-21 14:18:40
Twitter Icon @unix_ninja ???Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - Help Net Security helpnetsecurity.com/2021/07/20/cve… 2021-07-21 14:23:03
Twitter Icon @julianor CVE-2021-33909 file system path overflow in kernel expoited overwriting validated eBPF code with "//deleted".This… twitter.com/i/web/status/1… 2021-07-21 14:32:15
Twitter Icon @julianor Read all the details of this (not so) boomer exploit here: qualys.com/2021/07/20/cve… 2021-07-21 14:32:51
Twitter Icon @valerauko uff blog.qualys.com/vulnerabilitie… 2021-07-21 14:36:58
Twitter Icon @gelim #sequoia is the tallest tree, as for the nested dirs in your VM after checking the CVE-2021-33909 PoC ? 2021-07-21 14:41:21
Twitter Icon @perr0r Sequoia (CVE-2021-33909) POC github.com/AmIAHuman/CVE-… 2021-07-21 15:18:00
Twitter Icon @RooneyMcNibNug 'Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)' blog.qualys.com/vulnerabilitie… 2021-07-21 16:16:37
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 10 times. twitter.com/linuxtoy/statu… #pow1rtrtwwcve 2021-07-21 17:06:01
Twitter Icon @Race_Banon Llamada #Sequoia y rastreada como CVE-2021-33909, la nueva #vulnerabilidad se descubrió en la capa del sistema de a… twitter.com/i/web/status/1… 2021-07-21 17:30:37
Twitter Icon @twelvesec #Hackers can gain root privileges by exploiting #Sequoia an #LPE vulnerability (CVE-2021-33909) in default configur… twitter.com/i/web/status/1… 2021-07-21 17:44:02
Twitter Icon @Dinosn Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-21 18:25:04
Twitter Icon @Shubhxt PoC of CVE-2021-33909 Vulnerability ?? Watch “Sequoia: A Local Privilege Escalation Vulnerability in Linux's File… twitter.com/i/web/status/1… 2021-07-21 18:26:15
Twitter Icon @1337Ph4N70M qualys.com/2021/07/20/cve… 2021-07-21 18:59:15
Twitter Icon @hunleyd Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security… twitter.com/i/web/status/1… 2021-07-21 19:00:32
Twitter Icon @ankinfosec Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… via @qualys 2021-07-21 19:04:41
Twitter Icon @blauskaerm1 Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909)… twitter.com/i/web/status/1… 2021-07-21 19:06:55
Twitter Icon @ryanj New privilege escalation CVE: "Sequoia" CVE-2021-33909 blog.qualys.com/vulnerabilitie… 2021-07-21 19:20:16
Twitter Icon @FedoraCoreOS New security updates rolling out for CVE-2021-33909 and CVE-2021-33910: - 34.20210626.3.2 -> stable (tomorrow) - 3… twitter.com/i/web/status/1… 2021-07-21 19:24:23
Twitter Icon @ACBM_COM Faille noyau permettant de devenir root localement sur Linux, elle datait de 2014 qualys.com/2021/07/20/cve… 2021-07-21 19:44:01
Twitter Icon @j0hn__f The widely shared github repo with exploit code for CVE-2021-33909 has disappeared. But you can find good code here… twitter.com/i/web/status/1… 2021-07-21 20:21:56
Twitter Icon @decimalator CVE-2021-33909: If you’re running a Linux kernel that’s pre-2014 you’re not affected. By THAT one. if you’re NOT r… twitter.com/i/web/status/1… 2021-07-21 20:39:27
Twitter Icon @decimalator @AdrienneCohea probably should have led with that blog.qualys.com/vulnerabilitie… 2021-07-21 20:42:08
Twitter Icon @decimalator blog.qualys.com/vulnerabilitie… 2021-07-21 20:42:23
Twitter Icon @linuxsolutions Researchers Flag 7-Years-Old Privilege Escalation Flaw in Linux Kernel (CVE-2021-33909) dlvr.it/S49fVZ https://t.co/foWozJtHBM 2021-07-21 20:49:33
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 102 times. twitter.com/cyb3rops/statu… #pow2rtrtwwcve 2021-07-21 21:06:00
Twitter Icon @akaclandestine ■■■■□ A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909). blog.qualys.com/vulnerabilitie… 2021-07-21 21:15:35
Twitter Icon @LinInfoSec Debian - CVE-2021-33909: cdn.kernel.org/pub/linux/kern… 2021-07-21 21:30:16
Twitter Icon @kennwhite “CVE-2021-33909 allows a [local, non-admin Linux] user to gain unfettered system rights by creating, mounting, and… twitter.com/i/web/status/1… 2021-07-21 21:46:58
Twitter Icon @mcraddock Why are we still relying and trusting OS's to protect our data? FFS, take a look at MPC and FHE 2021-07-21 21:50:01
Twitter Icon @foxbook 「専門家は、CVE-2021-33909として追跡されるローカル特権昇格を発見しました。これにより、攻撃者はほとんどのLinuxディストリビューションでrootアクセスを取得できる可能性があります。」 securityaffairs.co/wordpress/1203… 2021-07-21 23:32:55
Twitter Icon @CyberSecDN Researchers flag 7-years-old privilege escalation flaw in #Linux kernel (CVE-2021-33909) feedproxy.google.com/~r/HelpNetSecu… #Sec_Cyber 2021-07-22 00:23:11
Twitter Icon @icmp_0 Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) blog.qualys.com/vulnerabilitie… 2021-07-22 00:26:06
Twitter Icon @matarturo A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909). blog.qualys.com/vulnerabilitie… 2021-07-22 00:39:00
Twitter Icon @sudoutopia @c3l3si4n Luckily there is also wayback archive of it. web.archive.org/web/2021072109… 2021-07-22 00:50:30
Twitter Icon @zu2 “oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer” htn.to/RwY4FpUNTH 2021-07-22 01:00:27
Twitter Icon @Cj_bc_sd 流し読みだけした(Cそんなわからないので) …型変換ってこわ…… oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem… twitter.com/i/web/status/1… 2021-07-22 01:19:06
Twitter Icon @bigendiansmalls The github for CVE-2021-33909 was taken down. It is also here: openwall.com/lists/oss-secu… #kernel #vulnerability 2021-07-22 01:54:49
Twitter Icon @nf3xn @bigendiansmalls No? Looks good to me. github.com/Liang2580/CVE-… 2021-07-22 01:55:27
Twitter Icon @twelvesec #Cybersecurity experts discovered an #LPE (CVE-2021-33909) that could allow attackers to get root access on most… twitter.com/i/web/status/1… 2021-07-22 02:05:03
Twitter Icon @ndifix CVE-2021-33909ね、ギャグみたいで好きだよ 2021-07-22 02:36:38
Twitter Icon @Go_NGYO oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer dlvr.it/S4BSTT 2021-07-22 03:55:02
Twitter Icon @BenjaminUrquhrt @0rbianta @cyb3rops web.archive.org/web/2021072107… 2021-07-22 04:38:36
Twitter Icon @AmarSaar Absolutely fantastic exploit qualys.com/2021/07/20/cve… :) 2021-07-22 04:59:39
Twitter Icon @FookNews Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - Help Net Security fook.news/SqN2OD 2021-07-22 05:10:25
Twitter Icon @loukkis @mkviitanen Not so fast... blog.qualys.com/vulnerabilitie… 2021-07-22 05:17:36
Twitter Icon @FlairSouler Hats off to the team @qualys, CVE-2021-33909 is a doozy. Linux peeps, time to be patching! 2021-07-22 05:40:44
Twitter Icon @Alesanco83 Sequoia: A Local Privilege Escalation Vulnerability in #Linux’s Filesystem Layer (CVE-2021-33909) ? blog.qualys.com/vulnerabilitie… 2021-07-22 06:59:40
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 12 times. twitter.com/kennwhite/stat… #pow1rtrtwwcve 2021-07-22 07:06:00
Twitter Icon @magiauk oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer ift.tt/3zbLzxG 2021-07-22 07:51:22
Twitter Icon @AttaullahCSR 1/2 2 — Dubbed "Sequoia," the #Linux flaw (CVE-2021-33909) affects all kernel versions from 2014, including defaul… twitter.com/i/web/status/1… 2021-07-22 09:11:51
Twitter Icon @the_yellow_fall CVE-2021-33909: Linux kernel local privilege escalation vulnerability alert meterpreter.org/cve-2021-33909… #info #news #tech 2021-07-22 09:42:06
Twitter Icon @u_n_a_g_i_dog CVE-2021-33909の原因"The issue results from not validating the size_t-to-int conversion prior to performing operations."で草 2021-07-22 09:56:45
Twitter Icon @munini_atto bullseyeも CVE-2021-33909 修正来た。#debian security-tracker.debian.org/tracker/CVE-20… 2021-07-22 10:04:34
Twitter Icon @eagerbeavertech zdnet.com/article/patch-… This Linux security hole has been named Sequoia and it's been designated CVE-2021-33909. 2021-07-22 10:04:36
Twitter Icon @etguenni Sequoia: LPE-Schwachstelle CVE-2021-33909 in Linux borncity.com/blog/2021/07/2… #Linux #Sicherheit Borns IT- & Windows-Blog 2021-07-22 10:44:56
Twitter Icon @admonaut #Schwachstelle im Dateisystem vom #Linux #Kernel betrifft viele Distributionen CVE-2021-33909 administrator.de/knowledge/schw… 2021-07-22 11:02:17
Twitter Icon @gmarti Vulnerabilidad #Sequoia en la capa del sistema de ficheros de Linux. CVE-2021-33909 Un usuario sin privilegios pue… twitter.com/i/web/status/1… 2021-07-22 11:03:47
Twitter Icon @shuntassanders blog.qualys.com/vulnerabilitie… 2021-07-22 11:07:14
Twitter Icon @admonaut #Vulnerability in #Linux #kernel file system affects many distributions CVE-2021-33909 administrator.pro/knowledge/vuln… 2021-07-22 11:09:19
Twitter Icon @fradie59 #Linux #Kernel - Update auf 5.13.4 empfohlen: meterpreter.org/cve-2021-33909… 2021-07-22 11:14:19
Twitter Icon @ntsuji Qualys Security Advisory Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… qualys.com/2021/07/20/cve… 2021-07-22 11:47:14
Twitter Icon @ntsuji NVD - CVE-2021-33909 2021-07-22 11:47:15
Twitter Icon @masedinet @nixcraft It'll not good, if you don't patch your distros now CVE-2021-33910 CVE-2021-33909 2021-07-22 11:48:25
Twitter Icon @fadis_ CVE-2021-33909: Linuxカーネル(3.16以降)がファイルパスを扱う際にその長さをsize_tで持っているにもかかわらず一部の関数が長さをintで扱っている為に1GBを超える信じられない程長いパスのディレクトリを… twitter.com/i/web/status/1… 2021-07-22 11:52:07
Twitter Icon @ChrisShort Recommended Read: oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-22 12:27:01
Twitter Icon @etguenni Sequoia: LPE Vulnerability CVE-2021-33909 in Linux borncity.com/win/?p=20762 #Linux #Security Born's Tech and Windows World 2021-07-22 12:31:06
Twitter Icon @pinboard_pop oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer openwall.com/lists/oss-secu… 2021-07-22 13:00:06
Twitter Icon @xDragunov CVE-2021-33909 Dnesek be like: A patcher patcher patcher patcher, reboot reboot. https://t.co/WrqHkpVYb3 2021-07-22 13:17:24
Twitter Icon @natrouga 剛剛看到的資安相關資訊 跟Linux相關的 是有關於Linux核心的檔案系統相關的漏洞 看起來應該是 檔案路徑太長的狀況下 會導致檔案系統壞掉 讓一般帳號可以取得root權限 而且 誇張的是 2014年至今的系統都會受到影響!! blog.qualys.com/vulnerabilitie… 2021-07-22 14:08:33
Twitter Icon @7aSecurity Nice #Linux #PrivEsc PoC! blog.qualys.com/vulnerabilitie… 2021-07-22 14:15:37
Twitter Icon @argevise Découverte d'une faille de type LPE dans le noyau Linux (CVE-2021-33909, aka Sequoia) qui permet à un attaquant non… twitter.com/i/web/status/1… 2021-07-22 14:17:53
Twitter Icon @hirurin @tokagetail blog.qualys.com/vulnerabilitie… 2021-07-22 14:36:29
Twitter Icon @be0x74a Busy afternoon watching over threads about CVE-2021-33909 and now Akamai outage https://t.co/WJlsb1UCn5 2021-07-22 16:13:26
Twitter Icon @heyitsmozzie Thanks CVE-2021-33909 for ruining my evening. blog.qualys.com/vulnerabilitie… 2021-07-22 16:17:05
Twitter Icon @WorkingHardInIT Yes, upgraded my Ubuntu lab machines: ubuntu.com/security/CVE-2… also see bleepingcomputer.com/news/security/… #MVPBuzz https://t.co/MhU3MGRHyv 2021-07-22 16:27:09
Twitter Icon @LiberalMark blog.qualys.com/vulnerabilitie… 2021-07-22 16:29:18
Twitter Icon @SiriusOpen Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) bit.ly/2W2FPbw #opensource #linux 2021-07-22 17:03:00
Twitter Icon @The_Great_Mega linux seq_file interface size_t to int conversion creates a vuln : qualys.com/2021/07/20/cve… 2021-07-22 19:19:23
Twitter Icon @morodog #News CVE-2021-33909: Linux kernel local privilege escalation vulnerability alert: On July 21, 2021, RedHat officia… twitter.com/i/web/status/1… 2021-07-22 19:44:08
Twitter Icon @sakhi_louw @khushi_321 CVE-2021-33909 ;) 2021-07-22 20:46:09
Twitter Icon @sakhi_louw Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) qualys.com/2021/07/20/cve… 2021-07-22 20:52:52
Twitter Icon @ChrisShort Recommended Read: Sequoia local privilege escalation linux qualys.com/2021/07/20/cve… 2021-07-22 20:57:01
Twitter Icon @morodog CVE-2021-33909: Linux kernel local privilege escalation vulnerability alert: On July 21, 2021, RedHat officially re… twitter.com/i/web/status/1… 2021-07-22 23:45:06
Twitter Icon @dikylung #LINUX Patch time. blog.qualys.com/vulnerabilitie… 2021-07-22 23:56:28
Twitter Icon @kjoonlee Sequoia: A deep root in Linux's filesystem layer (CVE-2021-33909) 커널 버그 이름이 왜 거삼나무인가 했더니 deep tree 안에 root exploit… twitter.com/i/web/status/1… 2021-07-23 00:26:15
Twitter Icon @hdk_2 CVE-2021-33909 って、root 権限が取れる可能性より、Secure Boot 回避できる可能性がまずそうなのでは? みたいな 2021-07-23 00:48:39
Twitter Icon @management_sun IT Risk: SUSE.Linux Kernelに複数の脆弱性 CVE-2021-34693 CVE-2021-33909 CVE-2021-33624 CVE-2021-33200 CVE-2021-22555 CVE-20… twitter.com/i/web/status/1… 2021-07-23 01:30:42
Twitter Icon @management_sun IT Risk: Multiple vulnerabilities in SUSE.Linux Kernel CVE-2021-34693 CVE-2021-33909 CVE-2021-33624 CVE-2021-33200… twitter.com/i/web/status/1… 2021-07-23 01:31:22
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 117 times. twitter.com/fadis_/status/… #pow2rtrtwwcve 2021-07-23 03:06:00
Twitter Icon @ipssignatures The vuln CVE-2021-33909 has a tweet created 0 days ago and retweeted 10 times. twitter.com/gmarti/status/… #pow1rtrtwwcve 2021-07-23 03:06:01
Twitter Icon @ATDT_ CVE-2021-33909 kernel: size_t-to-int conversion vulnerability in the filesystem layer access.redhat.com/security/cve/c… qualys.com/2021/07/20/cve… 2021-07-23 05:57:20
Twitter Icon @CharlieBismuth Ouch, ça pique ! ? Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909… twitter.com/i/web/status/1… 2021-07-23 05:58:05
Twitter Icon @nathanpoopshaw @SwiftOnSecurity 2021-07-23 08:16:21
Twitter Icon @sho_bububu 面白い脆弱性 CVE-2021-33909- Red Hat Customer Portal access.redhat.com/security/cve/c… 2021-07-23 09:20:28
Twitter Icon @murat_cileli İlgili yama, Git'e gönderildi ancak dağıtımlara henüz bir güncelleme gelmedi. #linux blog.qualys.com/vulnerabilitie… 2021-07-23 09:34:10
Twitter Icon @Mark_Antony Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) bit.ly/2W2FPbwtwitter.com/i/web/status/1… 2021-07-23 13:01:00
Twitter Icon @oss_security Re: CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer: Posted by Qualys Security Advisory on… twitter.com/i/web/status/1… 2021-07-23 13:41:06
Twitter Icon @askubuntumemes Was this vulnerability CVE-2021-33909 pached by kernel 5.8.0-63-generic? askubuntu.com/questions/1353… #security #kernel https://t.co/K7eiuQ53Ai 2021-07-23 14:48:07
Reddit Logo Icon /r/netsec Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog 2021-07-20 13:44:22
Reddit Logo Icon /r/blackhat CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer 2021-07-20 15:30:24
Reddit Logo Icon /r/cybersecurity A deep root in Linux's filesystem layer (CVE-2021-33909) 2021-07-20 15:42:23
Reddit Logo Icon /r/cybersecurity Sequoia: Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) 2021-07-20 18:07:07
Reddit Logo Icon /r/devopsish RHSB-2021-006 Long path name in mountpoint flaws in the kernel and systemd (CVE-2021-33909, CVE-2021-33910) - Red Hat Customer Portal 2021-07-20 17:43:14
Reddit Logo Icon /r/netcve CVE-2021-33909 2021-07-20 19:40:32
Reddit Logo Icon /r/linux CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer 2021-07-20 22:31:38
Reddit Logo Icon /r/devopsish oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer 2021-07-21 00:58:28
Reddit Logo Icon /r/lowlevel Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog 2021-07-21 05:09:50
Reddit Logo Icon /r/linuxadmin Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) 2021-07-21 06:36:39
Reddit Logo Icon /r/sysadmin Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer 2021-07-21 08:15:13
Reddit Logo Icon /r/redhat Is there an exploit/ script that I can use to check if my RHEL servers are vulnerable to this ? It mentions that product is affected (using RHEL 7) but is there a way to verify before and after patch? 2021-07-21 15:57:12
Reddit Logo Icon /r/RedSec Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog 2021-07-21 21:44:45
Reddit Logo Icon /r/SecOpsDaily Sequoia: A Local Privilege Escalation Vulnerability in Linux’s Filesystem Layer (CVE-2021-33909) | Qualys Security Blog 2021-07-22 12:47:57
Reddit Logo Icon /r/linuxmint Vulnerability CVE-2021-33909. Mint 19 currently on 5.4.0-80-generic 2021-07-22 17:15:21
Reddit Logo Icon /r/linux oss-security - CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer 2021-07-26 12:26:28
Reddit Logo Icon /r/netsec Detecting potential exploits of CVE-2021-33909 "Sequoia" with Falco - Linux FS privilege escalation 2021-07-28 17:42:13
Reddit Logo Icon /r/Malware Detecting potential exploits of CVE-2021-33909 "Sequoia" with Falco - Linux FS privilege escalation 2021-07-28 17:42:22
Reddit Logo Icon /r/Nable NABLE: What we are working on... 2021-07-30 13:34:16
Reddit Logo Icon /r/asustor ADM 4.0.0.RMD2 Release Notes 2021-10-13 09:40:06
Reddit Logo Icon /r/redhat Confusion of .X releases 2021-12-01 15:11:56
© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report