vulnerability

Arch Linux: Sandbox escape (CVE-2021-32773)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Jul 19, 2021	Jul 11, 2025	Nov 27, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Jul 19, 2021

Added

Jul 11, 2025

Modified

Nov 27, 2025

Description

In Racket versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow system functions to be controlled by the attacker, giving access to facilities intended to be restricted.

Solution

arch-linux-upgrade-latest

References

CVE-2021-32773
https://attackerkb.com/topics/CVE-2021-32773
URL-https://github.com/racket/racket/commit/6ca4ffeca1e5877d44f835760ad89f18488d97e1
URL-https://github.com/racket/racket/security/advisories/GHSA-cgrw-p7p7-937c
URL-https://security.archlinux.org/ASA-202107-39
CWE-441
CWE-610

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today