QwikSec

Security Database

CVE

CWE

Training

CVE-2021-3982

Published: Apr 29, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low privilege permissions, may take advantage of the way CAP_SYS_NICE is currently implemented and eventually load code to increase its process scheduler priority leading to possible DoS of other services running in the same machine.

Vendor	Product	Versions
n/a	gnome-shell	affected `gnome-shell downstream versions using CAP_SYS_NICE`

Weaknesses (CWE)

References

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/2284

https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/2060

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.