PT-2021-13832 · Linux+5 · Linux Kernel+5

Dhananjay Arunesh +1 · Published 2021-01-22 · Updated 2023-02-12 · CVE-2021-20194

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Linux kernel versions higher than 5.2
Description: The issue affects the Linux kernel when it is compiled with specific config parameters (CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y, CONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y, and CONFIG_HARDENED_USERCOPY not set) and a BPF hook to getsockopt is registered. Under these conditions a local user can trigger a bug in the __cgroup_bpf_run_filter_getsockopt() function, potentially leading to a heap overflow because usercopy is not hardened. The impact of the attack could be denial of service or possibly privilege escalation.
Recommendations: For Linux kernel versions higher than 5.2, consider disabling the BPF hook to getsockopt as a temporary workaround until a patch is available. Restrict access to the __cgroup_bpf_run_filter_getsockopt() function to minimize the risk of exploitation. Avoid using the getsockopt API endpoint with BPF execution until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
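
Added example (not part of the original advisory): a shell function that checks a kernel config file for the build-time preconditions listed in the Description. The function name, return codes and the /boot/config-$(uname -r) location are assumptions of this example; whether a getsockopt BPF hook is registered is a runtime condition that it does not check.

```shell
#!/bin/sh
# Added example: build-time preconditions for CVE-2021-20194, as listed in
# the Description. Function name and return codes are choices of this example.

# Usage: cve_2021_20194_config_check <kernel-config-file>
# Returns 0 if every build-time precondition is met (build is exposed),
#         1 if at least one is not met, 2 if the file cannot be read.
cve_2021_20194_config_check() {
    cfg=$1
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }

    # Options the advisory requires to be built in (=y).
    for opt in CONFIG_BPF_SYSCALL CONFIG_BPF CONFIG_CGROUPS CONFIG_CGROUP_BPF; do
        if ! grep -q "^${opt}=y\$" "$cfg"; then
            echo "not exposed: ${opt} is not =y"
            return 1
        fi
    done

    # The advisory requires CONFIG_HARDENED_USERCOPY to be unset. In a kernel
    # .config that is either "# CONFIG_... is not set" or no line at all.
    if grep -q '^CONFIG_HARDENED_USERCOPY=y$' "$cfg"; then
        echo "not exposed: CONFIG_HARDENED_USERCOPY=y"
        return 1
    fi

    echo "build-time preconditions met; check for attached getsockopt BPF hooks"
    return 0
}

# Check the running kernel's config when the script is invoked with "run".
# Assumption: the distribution installs the config as /boot/config-<release>.
if [ "${1:-}" = "run" ]; then
    cve_2021_20194_config_check "/boot/config-$(uname -r)"
fi
```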

Memory Corruption

RCE


Weakness Enumeration

Related Identifiers

ALSA-2021:4356
AZL-34857
AZL-6529
CESA-2021_4140
CESA-2021_4356
CVE-2021-20194
MGASA-2021-0099
MGASA-2021-0100
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
USN-4879-1
USN-4884-1
USN-4909-1
USN-4912-1

Affected Products

Almalinux
Centos
Linuxmint
Red Hat
Ubuntu
Linux Kernel