CVE-2020-27171 — Off-by-one Error in Kernel
Severity
6.0MEDIUMNVD
OSV4.7
EPSS
0.2%
top 60.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 20
Latest updateMay 24
Description
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:HExploitability: 0.8 | Impact: 5.2
Affected Packages3 packages
Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 20.04, Fedora 32, 33, 34
Patches
🔴Vulnerability Details
5OSV▶
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 linux-snapdragon vulnerabilities↗2021-03-29
📋Vendor Advisories
5Microsoft▶
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic ↗2021-03-09
Debian▶
CVE-2020-27171: linux - An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c...↗2020