wtf
An unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root.
If your kernel was built between 2017 and the patch — which covers essentially every mainstream Linux distribution — you’re in scope.
how does that only get a CVE score of 7.8, the impact of this is huge
Probably because the attack vector is having a user account on the target
Exactly. It’s Yet Another Privilege Escalation Vulnerability. Unless you’re dealing with a multiuser machine, the attacker first needs to use some other vuln to get into an unprivileged account. Without that additional vulnerability, this exploit is useless.
some other vuln
You mean like inveigling it into a pypi or npm or whatever package? Checks out.
That’s privilege escalation for you. 7.8 is pretty high.
The Python script to check if you are vulnerable is extremely suspicious and hard to decipher.