What the vulnerability does

01Description

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.

Key dates

02Disclosure timeline

August 5, 2021 CVE published
August 3, 2024 Record updated