There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1912683 | Issue Tracking Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210326-0003/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
12 Feb 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-20 | |
Summary | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation. |
02 Feb 2023, 21:20
Type | Values Removed | Values Added |
---|---|---|
Summary | A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling getsockopt. A local user could use this flaw to crash the system or possibly escalate their privileges on the system. | |
References |
|
05 Aug 2022, 18:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 |
31 Mar 2021, 12:29
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20210326-0003/ - Third Party Advisory |
26 Mar 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
27 Feb 2021, 03:08
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1912683 - Issue Tracking, Patch, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
CPE | cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:* |
23 Feb 2021, 23:32
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-23 23:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-20194
Mitre link : CVE-2021-20194
CVE.ORG link : CVE-2021-20194
JSON object : View
Products Affected
redhat
- openshift_container_platform
- enterprise_linux
linux
- linux_kernel