CVE-2021-38300

Sažetak

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

Reference

http://www.openwall.com/lists/oss-security/2021/09/15/5
https://security.netapp.com/advisory/ntap-20211008-0003/
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=37cb28ec7d3a36a5bace7063a3dba633ab110f8b
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.10
https://www.debian.org/security/2022/dsa-5096
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

01-03-2023 - 20:15

Objavljeno

20-09-2021 - 06:15