CVE-2020-8835

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.4.7 through 5.4.28 Linux kernel versions 5.5.0 through 5.5.13 Linux kernel versions 5.6.0 through 5.6.0

Description The vulnerability is related to the bpf verifier in the Linux kernel, which did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. This issue affects the Linux 5.4 stable series and newer versions. The vulnerability can be exploited to escalate privileges, allowing an attacker to gain root access. A working exploit exists but has not been publicly released. The vulnerability is present in the eBPF subsystem, which allows running handlers for tracing, analyzing subsystems, and managing traffic within the kernel.

Recommendations For Linux kernel versions 5.4.7 through 5.4.28, update to version 5.4.29 or later. For Linux kernel versions 5.5.0 through 5.5.13, update to version 5.5.14 or later. For Linux kernel versions 5.6.0 through 5.6.0, update to version 5.6.1 or later. As a temporary workaround, consider restricting access to the eBPF subsystem to minimize the risk of exploitation.