- SentinelLabs has discovered a heap overflow vulnerability in the TIPC module of the Linux Kernel.
- The vulnerability can be exploited either locally or remotely within a network to gain kernel privileges, allowing an attacker to compromise the entire system.
- The TIPC module comes with all major Linux distributions but needs to be loaded in order to enable the protocol.
- A patch has been released on the 29th of October and affects kernel versions between 5.10 and 5.15.
- At this time, SentinelOne has not identified evidence of in-the-wild abuse.
19 Oct 2021 - SentinelLabs supplied the initial vulnerability report to the Kernel.org team
19 Oct 2021 - Greg K.H. responds and adds the TIPC maintainers to the email thread
21 Oct 2021 - The patch is finalised
25 Oct 2021 - The patch is added to lore.kernel.org
29 Oct 2021 - The patch is added to the mainline repository
31 Oct 2021 - The patch is now officially under 5.15
04 Nov 2021 - SentinelLabs publicly disclose details of the vulnerability