6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
12.7%
An out-of-bounds (OOB) memory read problem was found in bpf in the Linux kernel’s kernel/bpf/syscall.c function due to an improper check of bpf_sys_bpf() arguments. The bounds check failure allows a local attacker to access out-of-bounds memory, leading to a leak of internal kernel information.
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.