[SRU Bionic 0/1] CVE-2021-33200
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu Jun 24 00:14:38 UTC 2021
[Impact]
Unprivileged users can use eBPF to do an out-of-bounds read or write, which
allows code execution and privilege escalation.
[Test case]
Ran a PoC that demonstrated the out-of-bounds read by leaking a kernel address.
[Potential regression]
Some eBPF code might fail to load.
Daniel Borkmann (1):
bpf: Fix mask direction swap upon off reg sign change
kernel/bpf/verifier.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
--
2.30.2