PT-2021-2801 · Linux+8 · Linux Kernel+8

Benedict Schlueter

+1

·

Published

2021-04-17

·

Updated

2025-09-29

·

CVE-2021-29155

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.11.x
Description An issue in the Linux kernel allows for undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks. This can defeat Spectre mitigations and obtain sensitive information from kernel memory. The issue is related to the kernel/bpf/verifier.c component and involves the incorrect accounting of pointer modification during sequences of pointer arithmetic operations.
Recommendations For Linux kernel versions through 5.11.x, consider applying a patch or update that addresses the issue in kernel/bpf/verifier.c to prevent out-of-bounds speculation on pointer arithmetic. As a temporary workaround, consider restricting access to sensitive kernel memory or disabling the verifier.c component until a patch is available.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2021:4356
ALSA-2021_4356
ALSA-2024_2394
ALSA-2024_9401
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2021-1698
ALT-PU-2021-1707
ALT-PU-2021-1869
ALT-PU-2021-1888
ALT-PU-2021-1896
ALT-PU-2022-1240
ALT-PU-2022-1419
ALT-PU-2022-1421
ALT-PU-2023-1814
AZL-6545
BDU:2021-02346
CESA-2021_4140
CESA-2021_4356
CVE-2021-29155
DLA-2690-1
ELSA-2021-4356
ELSA-2021-9362
ELSA-2021-9363
MGASA-2021-0204
MGASA-2021-0205
OESA-2021-1176
OPENSUSE-SU-2021:0716-1
OPENSUSE-SU-2021:0873-1
OPENSUSE-SU-2021:1975-1
OPENSUSE-SU-2021:1977-1
OPENSUSE-SU-2021_0716-1
OPENSUSE-SU-2021_0873-1
OPENSUSE-SU-2021_1975-1
OPENSUSE-SU-2021_1977-1
OPENSUSE-SU-2024_1489-1
RHSA-2021:4140
RHSA-2021:4356
RHSA-2021_4140
RHSA-2021_4356
SUSE-SU-2021:1571-1
SUSE-SU-2021:1572-1
SUSE-SU-2021:1573-1
SUSE-SU-2021:1574-1
SUSE-SU-2021:1595-1
SUSE-SU-2021:1596-1
SUSE-SU-2021:1605-1
SUSE-SU-2021:1622-1
SUSE-SU-2021:1624-1
SUSE-SU-2021:1915-1
SUSE-SU-2021:1975-1
SUSE-SU-2021:1977-1
SUSE-SU-2021_1571-1
SUSE-SU-2021_1572-1
SUSE-SU-2021_1573-1
SUSE-SU-2021_1574-1
SUSE-SU-2021_1595-1
SUSE-SU-2021_1596-1
SUSE-SU-2021_1622-1
SUSE-SU-2021_1624-1
SUSE-SU-2021_1915-1
SUSE-SU-2021_1975-1
SUSE-SU-2021_1977-1
SUSE-SU-2024:1489-1
SUSE-SU-2024_1489-1
USN-4977-1
USN-4983-1
USN-4999-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu