Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2021-41864 - CERT CVE
CVE-2021-41864
ID
CVE-2021-41864
Sažetak
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
Reference
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a
https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a
https://security.netapp.com/advisory/ntap-20211029-0004/
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12
https://www.debian.org/security/2022/dsa-5096
https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/
CVSS
Base:
4.6
Impact:
6.4
Exploitability:
3.9
Pristup
Vektor
Složenost
Autentikacija
LOCAL
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
PARTIAL
PARTIAL
CVSS vektor
AV:L/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje
07-11-2023 - 03:39
Objavljeno
02-10-2021 - 00:15
