Improper Access Control in linux-qemu-6.18 | CVE-2021-3864

Threat Intelligence

0.57% (69^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk Learn

Learn about Improper Access Control vulnerabilities in an interactive lesson.

Start learning

Snyk IDSNYK-CHAINGUARDLATEST-LINUXQEMU618-15043885
published21 Jan 2026
disclosed26 Aug 2022

Report a new vulnerability Found a mistake?

Introduced: 26 Aug 2022

CVE-2021-3864 (opens in a new tab) CWE-284 (opens in a new tab)

Amendment

The Chainguard security team deemed this advisory irrelevant for Chainguard:latest.

NVD Description

Note: Versions mentioned in the description apply only to the upstream linux-qemu-6.18 package and not the linux-qemu-6.18 package as distributed by Chainguard.

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges.

Improper Access Control The advisory has been revoked - it doesn't affect any version of package linux-qemu-6.18 (opens in a new tab)