PT-2021-2468 · Linux+7 · Linux Kernel+7
De4Dcr0W · Published 2021-02-13 · Updated 2021-12-02 · CVE-2021-3444
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.11.2
Linux kernel versions prior to 5.10.19
Linux kernel versions prior to 5.4.101
Description
The BPF verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker able to load BPF programs could use this to perform out-of-bounds reads of kernel memory, leading to information disclosure, and possibly out-of-bounds writes that could lead to code execution.
Recommendations
For Linux kernel versions prior to 5.11.2, update to version 5.11.2 or later.
For Linux kernel versions prior to 5.10.19, update to version 5.10.19 or later.
For Linux kernel versions prior to 5.4.101, update to version 5.4.101 or later.
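The check below is an added example, not part of the original advisory: it classifies a kernel release string against the three fixed versions listed above. The function name is hypothetical, and it assumes each listed version is the first fixed release of its stable branch. Distribution kernels often backport fixes without changing the upstream version number, so an "affected" result on a vendor kernel means the vendor's own advisory still has to be consulted.

```shell
#!/bin/sh
# Added example (not from the advisory): compare a kernel release string with
# the fixed versions the advisory lists: 5.11.2, 5.10.19 and 5.4.101.
# Assumption: each listed version is the first fixed release of its branch.
# Prints "fixed", "affected" or "unparseable"; uses `uname -r` if no argument.
cve_2021_3444_status() {
    release="${1:-$(uname -r)}"
    # Keep the leading digits-and-dots part: "5.4.0-65-generic" -> "5.4.0"
    ver="${release%%[!0-9.]*}"
    case "$ver" in
        *.*) ;;
        *) echo "unparseable"; return 0 ;;
    esac
    major="${ver%%.*}"
    rest="${ver#*.}"
    minor="${rest%%.*}"
    case "$rest" in
        *.*) patch="${rest#*.}"; patch="${patch%%.*}" ;;
        *)   patch="" ;;
    esac
    patch="${patch:-0}"   # "5.12" is treated as 5.12.0
    if [ -z "$major" ] || [ -z "$minor" ]; then
        echo "unparseable"; return 0
    fi
    # At or after 5.11.2: not covered by any "prior to" entry.
    if [ "$major" -gt 5 ]; then echo "fixed"; return 0; fi
    if [ "$major" -eq 5 ] && [ "$minor" -gt 11 ]; then echo "fixed"; return 0; fi
    if [ "$major" -eq 5 ] && [ "$minor" -eq 11 ] && [ "$patch" -ge 2 ]; then
        echo "fixed"; return 0
    fi
    # Older stable branches for which the advisory names a fixed release.
    if [ "$major.$minor" = "5.10" ] && [ "$patch" -ge 19 ]; then
        echo "fixed"; return 0
    fi
    if [ "$major.$minor" = "5.4" ] && [ "$patch" -ge 101 ]; then
        echo "fixed"; return 0
    fi
    # Everything else is prior to 5.11.2 with no fixed release listed for it.
    echo "affected"
}

# Constructed sample release strings (not taken from real hosts).
for r in 5.11.2 5.10.18 5.4.0-65-generic 5.4.101 5.9.16 6.1.0-13-amd64; do
    printf '%-20s %s\n' "$r" "$(cve_2021_3444_status "$r")"
done
```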
Fix
Out of bounds Read
Affected Products
ALT Linux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
SUSE
Ubuntu