CVE-2021-29154

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

History

25 Mar 2024, 01:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=26f55a59dc65ff77cd1c4b37991e26497fc68049 -
  • () https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4d4d456436bfb2fe412ee2cd489f7658449b098 -

07 Nov 2023, 03:32

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/', 'name': 'FEDORA-2021-e71c033f88', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ -

24 Feb 2023, 18:42

Type Values Removed Values Added
References (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Third Party Advisory

25 Jul 2022, 18:15

Type Values Removed Values Added
References
  • (N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

19 Apr 2022, 04:01

Type Values Removed Values Added
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ - Third Party Advisory (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ - Mailing List, Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html - (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html - Mailing List, Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html - (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html - Mailing List, Third Party Advisory
CPE cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
First Time Netapp h300s
Netapp h300s Firmware
Netapp h300e
Debian debian Linux
Netapp h700s Firmware
Netapp h410s
Netapp h500e
Debian
Netapp h700e
Netapp h410s Firmware
Netapp h700s
Netapp h500s
Netapp h500e Firmware
Netapp h700e Firmware
Netapp h300e Firmware
Netapp h500s Firmware
Netapp cloud Backup

23 Jun 2021, 02:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html -
  • (MLIST) https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html -

08 Jun 2021, 13:54

Type Values Removed Values Added
CPE cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
References (CONFIRM) https://security.netapp.com/advisory/ntap-20210604-0006/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20210604-0006/ - Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html - (MISC) http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html - Third Party Advisory, VDB Entry

04 Jun 2021, 10:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20210604-0006/ -

03 May 2021, 23:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html -

14 Apr 2021, 21:35

Type Values Removed Values Added
References (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ - (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ - Third Party Advisory
References (MISC) https://news.ycombinator.com/item?id=26757760 - (MISC) https://news.ycombinator.com/item?id=26757760 - Issue Tracking, Third Party Advisory
References (MISC) https://www.openwall.com/lists/oss-security/2021/04/08/1 - (MISC) https://www.openwall.com/lists/oss-security/2021/04/08/1 - Mailing List, Patch, Third Party Advisory
CWE CWE-77
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 7.8
CPE cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

14 Apr 2021, 18:15

Type Values Removed Values Added
References
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ -

10 Apr 2021, 21:15

Type Values Removed Values Added
References
  • (MISC) https://news.ycombinator.com/item?id=26757760 -

09 Apr 2021, 07:15

Type Values Removed Values Added
Summary Incorrect computation of branch displacements in BPF JIT compilers the Linux kernel can be abused to execute arbitrary code in Kernel mode. BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

08 Apr 2021, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-04-08 21:15

Updated : 2024-03-25 01:15


NVD link : CVE-2021-29154

Mitre link : CVE-2021-29154

CVE.ORG link : CVE-2021-29154


JSON object : View

Products Affected

netapp

  • h700s_firmware
  • h700e
  • hci_management_node
  • h700e_firmware
  • h700s
  • h300s_firmware
  • cloud_backup
  • h300s
  • h300e
  • h500e_firmware
  • h500s
  • h410s
  • h410s_firmware
  • solidfire
  • h500s_firmware
  • h300e_firmware
  • h500e

debian

  • debian_linux

linux

  • linux_kernel

fedoraproject

  • fedora
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')