In the Linux kernel, the following vulnerability has been resolved: ARM:
9064/1: hw_breakpoint: Do not directly check the event’s overflow_handler
hook The commit 1879445dfa7b (“perf/core: Set event’s default
::overflow_handler()”) set a default event->overflow_handler in
perf_event_alloc(), and replace the check event->overflow_handler with
is_default_overflow_handler(), but one is missing. Currently, the
bp->overflow_handler can not be NULL. As a result, enable_single_step() is
always not invoked. Comments from Zhen Lei:
https://patchwork.kernel.org/project/linux-arm-kernel/patch/[email protected]/
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-80.90 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1054.57 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < 4.15.0-1109.116~16.04.1 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < 5.4.0-1055.57 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-azure | < 4.15.0-1121.134~14.04.1 | UNKNOWN |
ubuntu | 16.04 | noarch | linux-azure | < 4.15.0-1121.134~16.04.1 | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-4.15 | < any | UNKNOWN |
git.kernel.org/linus/a506bd5756290821a4314f502b4bafc2afcf5260 (5.13-rc1)
git.kernel.org/stable/c/3ed8832aeaa9a37b0fc386bb72ff604352567c80
git.kernel.org/stable/c/555a70f7fff03bd669123487905c47ae27dbdaac
git.kernel.org/stable/c/630146203108bf6b8934eec0dfdb3e46dcb917de
git.kernel.org/stable/c/7eeacc6728c5478e3c01bc82a1f08958eaa12366
git.kernel.org/stable/c/a506bd5756290821a4314f502b4bafc2afcf5260
git.kernel.org/stable/c/a9938d6d78a238d6ab8de57a4d3dcf77adceb9bb
git.kernel.org/stable/c/dabe299425b1a53a69461fed7ac8922ea6733a25
git.kernel.org/stable/c/ed1f67465327cec4457bb988775245b199da86e6
launchpad.net/bugs/cve/CVE-2021-47006
nvd.nist.gov/vuln/detail/CVE-2021-47006
security-tracker.debian.org/tracker/CVE-2021-47006
www.cve.org/CVERecord?id=CVE-2021-47006