Vulnerability Description
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.10.10 |
Related Weaknesses (CWE)
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1923816 (Issue Tracking, Patch, Third Party Advisory)
- https://lore.kernel.org/bpf/CACAyw99bEYWJCSGqfLiJ9Jp5YE1ZsZSiJxb4RFUTwbofipf0dA%
- https://security.netapp.com/advisory/ntap-20210409-0006/ (Third Party Advisory)
FAQ
What is CVE-2021-20268?
CVE-2021-20268 is a vulnerability with a CVSS score of 7.8 (HIGH). An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allo...
How severe is CVE-2021-20268?
CVE-2021-20268 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2021-20268?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.