First published: Tue Apr 06 2021(Updated: )
A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can abuse a flaw in eBPF to corrupt memory. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1160.41.1.rt56.1181.el7 | 0:3.10.0-1160.41.1.rt56.1181.el7 |
redhat/kernel | <0:3.10.0-1160.41.1.el7 | 0:3.10.0-1160.41.1.el7 |
redhat/kernel-rt | <0:4.18.0-372.9.1.rt7.166.el8 | 0:4.18.0-372.9.1.rt7.166.el8 |
redhat/kernel | <0:4.18.0-372.9.1.el8 | 0:4.18.0-372.9.1.el8 |
Linux Linux kernel | >=3.0<4.4.266 | |
Linux Linux kernel | >=4.5<4.9.266 | |
Linux Linux kernel | >=4.10<4.14.230 | |
Linux Linux kernel | >=4.15<4.19.186 | |
Linux Linux kernel | >=4.20<5.4.111 | |
Linux Linux kernel | >=5.5<5.10.29 | |
Linux Linux kernel | >=5.11<5.11.13 | |
Fedoraproject Fedora | =33 | |
Debian Debian Linux | =9.0 | |
Netapp Cloud Backup | ||
Netapp Hci Management Node | ||
Netapp Solidfire | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
All of | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
All of | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
All of | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
All of | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
All of | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
All of | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
All of | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
IBM DRM | <=2.0.6 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.12.5-1 6.12.6-1 | |
>=3.0<4.4.266 | ||
>=4.5<4.9.266 | ||
>=4.10<4.14.230 | ||
>=4.15<4.19.186 | ||
>=4.20<5.4.111 | ||
>=5.5<5.10.29 | ||
>=5.11<5.11.13 | ||
=33 | ||
=9.0 | ||
All of | ||
All of | ||
All of | ||
All of | ||
All of | ||
All of | ||
All of | ||
This issue does not affect most systems by default. An administrator would need to have enabled the BPF JIT to be affected. It can be disabled immediately with the command: # echo 0 > /proc/sys/net/core/bpf_jit_enable Or it can be disabled for all subsequent boots of the system by setting a value in /etc/sysctl.d/44-bpf-jit-disable ## start file ## net.core.bpf_jit_enable=0 ## end file ##
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)