PT-2021-2653 · Linux+9 · Linux Kernel+9

Published

2021-04-08

Updated

2024-03-25

CVE-2021-29154

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.11.12

Description The issue is related to incorrect computation of branch displacements in BPF JIT compilers, allowing them to execute arbitrary code within the kernel context. This affects files arch/x86/net/bpf jit comp.c and arch/x86/net/bpf jit comp32.c. The vulnerability can be exploited by a local user to achieve code execution at the kernel level.

Recommendations For Linux kernel versions through 5.11.12, apply the available patch to fix the issue. As a temporary workaround, consider restricting access to the BPF JIT compiler to minimize the risk of exploitation.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

ALSA-2022:1988

ALT-PU-2021-1628

ALT-PU-2021-1629

ALT-PU-2021-1640

ALT-PU-2021-1661

ALT-PU-2021-1698

ALT-PU-2021-1739

ALT-PU-2021-1768

ALT-PU-2021-1776

ALT-PU-2021-1862

ALT-PU-2021-1866

ALT-PU-2021-1869

ALT-PU-2021-1896

ALT-PU-2021-2671

ALT-PU-2021-3430

AZL-6544

BDU:2021-02182

CESA-2021_3327

CESA-2022_1975

CESA-2022_1988

CVE-2021-29154

DLA-2689-1

DLA-2690-1

LSN-0076-1

MGASA-2021-0191

MGASA-2021-0192

OESA-2021-1176

OPENSUSE-SU-2021:0579-1

OPENSUSE-SU-2021:0758-1

OPENSUSE-SU-2021:1975-1

OPENSUSE-SU-2021:1977-1

OPENSUSE-SU-2021_0579-1

OPENSUSE-SU-2021_0758-1

OPENSUSE-SU-2021_1975-1

OPENSUSE-SU-2021_1977-1

RHSA-2021:3327

RHSA-2021:3328

RHSA-2021_3327

RHSA-2021_3328

RHSA-2022:1975

RHSA-2022:1988

RHSA-2022_1975

RHSA-2022_1988

RLSA-2022:1975

RLSA-2022:1988

SUSE-SU-2021:1210-1

SUSE-SU-2021:1211-1

SUSE-SU-2021:1238-1

SUSE-SU-2021:1248-1

SUSE-SU-2021:1266-1

SUSE-SU-2021:1301-1

SUSE-SU-2021:14764-1

SUSE-SU-2021:1573-1

SUSE-SU-2021:1596-1

SUSE-SU-2021:1617-1

SUSE-SU-2021:1623-1

SUSE-SU-2021:1624-1

SUSE-SU-2021:1625-1

SUSE-SU-2021:1715-1

SUSE-SU-2021:1724-1

SUSE-SU-2021:1728-1

SUSE-SU-2021:1865-1

SUSE-SU-2021:1870-1

SUSE-SU-2021:1975-1

SUSE-SU-2021:1977-1

SUSE-SU-2021:2198-1

SUSE-SU-2021:2577-1

SUSE-SU-2021_14764-1

USN-4912-1

USN-4916-1

USN-4916-2

USN-4917-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Rocky Linux

Suse

Ubuntu

PT-2021-2653 · Linux+9 · Linux Kernel+9

CVE-2021-29154

Weakness Enumeration

Related Identifiers

Affected Products

References · 737