Information Disclosure

Linux kernel is vulnerable to Information Disclosure. The vulnerability exists because the internal memory locations could be returned to userspace, allowing an attacker with permission to insert eBPF code into the kernel, which leads to a leak of internal kernel memory details when handling...

DEBIAN-CVE-2021-4159

A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating som...

CVE-2020-0430

An out of bounds memory read flaw was found in the Linux kernel’s implementation of the eBPF code verifier. A user passing corrupted data to a helper function could access data inside the adjustptrminmaxvals function. By default, the eBPF verifier is only accessible to users with CAPSYSADMIN...

CVE-2021-31440

An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while checking unsigned 32-bit instructions in an eBPF program occurs.. By default accessing the eBPF verifier is only accessible to privileged use...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-4910-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4910-1 advisory. Ryota Shiga discovered that the sockopt BPF hooks in the Linux kernel could allow a user space program to probe for valid kernel addresses. A local...

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

...

Design/Logic Flaw

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...

CVE-2021-20268

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...

CVE-2021-20268

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...

[ASA-202004-2] linux-hardened: privilege escalation

Arch Linux Security Advisory ASA-202004-2 ========================================= Severity: High Date : 2020-04-01 CVE-ID : CVE-2020-8835 Package : linux-hardened Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1120 Summary ======= The package linux-hardened...