First published: Wed Dec 29 2021(Updated: )
A vulnerability was found in Linux kernelS EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspacec. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | <5.7 | |
Red Hat Enterprise Linux | =8.0 | |
Debian GNU/Linux | =10.0 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.13-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-4159 is considered a high severity vulnerability due to its potential to leak internal kernel memory.
To fix CVE-2021-4159, update to a patched version of the Linux kernel that is 5.10.223-1 or later.
CVE-2021-4159 affects Linux kernel versions up to and including 5.7 as well as certain specific versions of Red Hat and Debian distributions.
Local attackers with permissions to insert eBPF code into the kernel are impacted by CVE-2021-4159.
eBPF (extended Berkeley Packet Filter) is a technology in the Linux kernel that allows the execution of sandboxed programs in the kernel space.