An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2021-03-20 15:15
Updated : 2022-07-29 20:46
NVD link : CVE-2020-27171
Mitre link : CVE-2020-27171
JSON object : View
CWE
CWE-193
Off-by-one Error
Products Affected
fedoraproject
- fedora
canonical
- ubuntu_linux
debian
- debian_linux
linux
- linux_kernel