3 matches found
kernel: bpf: avoid holding freeze_mutex during mmap operation
In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freezemutex during mmap operation We use map-freezemutex to prevent races between mapfreeze and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freezemutex...
The vulnerability of the verifier functions ebpf in the bpf_map_update_elem and bpf_map_freeze components of the Linux operating system’s kernel/bpf/syscall.c module allows a attacker to compromise data integrity.
The vulnerability of the verifier functions ebpf in the bpfmapupdateelem and bpfmapfreeze components of the Linux operating system’s kernel/bpf/syscall.c file is related to the absence of locking mechanisms. Exploiting this vulnerability allows an attacker to compromise data integrity...
DEBIAN-CVE-2021-4001
A race condition was found in the Linux kernel's ebpf verifier between bpfmapupdateelem and bpfmapfreeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege capsysadmin or capbpf can modify the frozen mapped address space. This flaw affects kernel...