K74251611: Linux kernel vulnerability CVE-2021-38166

Security Advisory Description In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAPSYSADMIN capability. CVE-2021-38166 Impact An...

The vulnerability in the kernel/bpf/hashtab.c component of the Linux operating system, related to writing beyond buffer boundaries in memory, allows an attacker to compromise the integrity, accessibility, and confidentiality of data.

The vulnerability in the kernel/bpf/hashtab.c component of the Linux operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the integrity, accessibility, and confidentiality of data...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.10.60 and fixes at least the following security issues: A missing validation of the "intctl" VMCB field allows a malicious L1 guest to enable AVIC support Advanced Virtual Interrupt Controller for the L2 guest. The L2 guest is able to write to a...