cvedb.io
CVE-2021-43411
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-11-07T18:15:07.693 · Last modified 2026-06-17T04:10:56.190

Summary

An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid executable, there's a window of time when the process already has the new privileges, but still refers to the old task and is accessible through the old process port. This can be exploited to get full root access.

Affected products

gnu — hurd

Does this affect you?

Add your gear to cvedb and we'll alert you only when gnu ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.