Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveLinuxCVE-2021-46974
HistoryFeb 27, 2024 - 7:04 p.m.

CVE-2021-46974

2024-02-2719:04:07
Linux
web.nvd.nist.gov
4675
cve-2021-46974
linux kernel
bpf
vulnerability
fix
security update
nvd

AI Score

6.2

Confidence

Low

EPSS

0

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix masking negation logic upon negative dst register

The negation logic for the case where the off_reg is sitting in the
dst register is not correct given then we cannot just invert the add
to a sub or vice versa. As a fix, perform the final bitwise and-op
unconditionally into AX from the off_reg, then move the pointer from
the src to dst and finally use AX as the source for the original
pointer arithmetic operation such that the inversion yields a correct
result. The single non-AX mov in between is possible given constant
blinding is retaining it as it’s not an immediate based operation.

Affected configurations

Vulners
Node
linuxlinux_kernelRange5.04.14.233
OR
linuxlinux_kernelRange4.15.04.19.190
OR
linuxlinux_kernelRange4.20.05.4.117
OR
linuxlinux_kernelRange5.5.05.10.35
OR
linuxlinux_kernelRange5.11.05.11.19
OR
linuxlinux_kernelRange5.12.05.12.2
OR
linuxlinux_kernelRange5.13.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/bpf/verifier.c"
    ],
    "versions": [
      {
        "version": "ae03b6b1c880",
        "lessThan": "4d542ddb88fb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "f92a819b4cbe",
        "lessThan": "0e2dfdc74a7f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "979d63d50c0c",
        "lessThan": "53e0db429b37",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "979d63d50c0c",
        "lessThan": "2cfa537674cd",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "979d63d50c0c",
        "lessThan": "6eba92a4d4be",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "979d63d50c0c",
        "lessThan": "7cf64d8679ca",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "979d63d50c0c",
        "lessThan": "b9b34ddbe207",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/bpf/verifier.c"
    ],
    "versions": [
      {
        "version": "5.0",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.0",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.233",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.190",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.117",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.35",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.11.19",
        "lessThanOrEqual": "5.11.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.12.2",
        "lessThanOrEqual": "5.12.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.13",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

prion 1
cvelist 1
redhatcve 1
debiancve 1
vulnrichment 1
nvd 1
ubuntucve 1
nessus 10
amazon 1
openvas 2
prion
prion
Spoofing
2024-02-27 19:04:00
cvelist
cvelist
CVE-2021-46974 bpf: Fix masking negation logic upon negative dst register
2024-02-27 18:47:08
redhatcve
redhatcve
CVE-2021-46974
2024-02-29 07:03:42
debiancve
debiancve
CVE-2021-46974
2024-02-27 19:04:07
vulnrichment
vulnrichment
CVE-2021-46974 bpf: Fix masking negation logic upon negative dst register
2024-02-27 18:47:08
nvd
nvd
CVE-2021-46974
2024-02-27 19:04:07
ubuntucve
ubuntucve
CVE-2021-46974
2024-02-27 00:00:00
nessus
nessus
Amazon Linux 2 : kernel (ALAS-2021-1636)
2021-05-24 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-003)
2022-05-02 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-001)
2022-05-02 00:00:00
amazon
amazon
Medium: kernel
2021-05-20 15:51:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0975-1)
2024-05-07 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:0857-1)
2024-03-25 00:00:00

AI Score

6.2

Confidence

Low

EPSS

0

Percentile

10.3%

JSON
Related for CVE-2021-46974
prion1cvelist1redhatcve1debiancve1vulnrichment1nvd1ubuntucve1nessus10amazon1openvas2