PT-2020-6700 · Linux+5 · Linux Kernel+5

Dhananjay Arunesh

Published

2020-03-25

Updated

2025-06-17

CVE-2021-4159

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel's eBPF verifier when handling internal data structures allows internal memory locations to be returned to userspace. This can be exploited by a local attacker with permissions to insert eBPF code to the kernel, potentially leaking internal kernel memory details and defeating some exploit mitigations in place for the kernel.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-17CWE-202

Related Identifiers

ALT-PU-2020-2098

ALT-PU-2020-2164

ALT-PU-2020-2209

ALT-PU-2020-2409

ALT-PU-2020-2432

ALT-PU-2020-2687

ALT-PU-2021-1621

ALT-PU-2021-1656

ALT-PU-2021-1739

ALT-PU-2021-1862

ALT-PU-2021-1866

ALT-PU-2021-1870

BDU:2022-05426

CVE-2021-4159

DLA-3131-1

OESA-2022-1559

OPENSUSE-SU-2022:0363-1

OPENSUSE-SU-2022_0363-1

SUSE-SU-2022:0363-1

SUSE-SU-2025:01983-1

SUSE-SU-2025_01983-1

USN-5668-1

USN-5677-1

USN-5682-1

USN-5706-1

USN-5790-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2020-6700 · Linux+5 · Linux Kernel+5

CVE-2021-4159

Weakness Enumeration

Related Identifiers

Affected Products

References · 460