[SRU Groovy,Hirsute,Focal/linux-oem-5.10 0/1] CVE-2021-31440
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Mon May 24 22:56:18 UTC 2021
[Impact]
An unprivileged user can load a BPF program that allows OOB reads and
writes, potentially leading to privilege escalation.
[Potential regression]
Some BPF programs could fail to load.
[Test case]
I managed to get a soft lockup with a reproducer. After the fix, the
program finishes as expected.
Daniel Borkmann (1):
  bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds

 kernel/bpf/verifier.c                               | 8 +++-----
 tools/testing/selftests/bpf/verifier/array_access.c | 2 +-
 2 files changed, 4 insertions(+), 6 deletions(-)
--
2.30.2