Lucene search

K
osvGoogleOSV:USN-4890-1
HistoryMar 29, 2021 - 4:28 p.m.

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 linux-snapdragon vulnerabilities

2021-03-2916:28:58
Google
osv.dev
8

AI Score

8

Confidence

High

EPSS

0.001

Percentile

17.2%

Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not
properly compute a speculative execution limit on pointer arithmetic in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2020-27171)

Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not
properly apply speculative execution limits on some pointer types. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-27170)