CVE-2021-20268 — Improper Input Validation in Kernel
Severity
7.8HIGHNVD
OSV3.3
EPSS
0.1%
top 67.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 9
Latest updateMay 24
Description
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages20 packages
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-wqqm-p6gj-wr83: An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls↗2022-05-24
OSV▶
linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi vulnerabilities↗2021-04-13
OSV▶
CVE-2021-20268: An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls↗2021-03-09
📋Vendor Advisories
4Microsoft▶
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allo↗2021-03-09
Debian▶
CVE-2021-20268: linux - An out-of-bounds access flaw was found in the Linux kernel's implementation of t...↗2021