3 matches found
Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-4983-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4983-1 advisory. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could...
CVE-2021-31829
kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can...
CVE-2021-31829
CVE-2021-31829 affects the Linux kernel’s eBPF verifier (kernel/bpf/verifier.c) and describes speculative-load handling that could leak kernel memory via side-channels. The Initial document notes the flaw up to kernel 5.12.1 and references remediation through patched kernels; Connected documents ...