CVE-2021-20194

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1912683 Issue Tracking Patch Third Party Advisory
https://security.netapp.com/advisory/ntap-20210326-0003/ Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*

Information

Published : 2021-02-23 15:15

Updated : 2023-02-12 14:15


NVD link : CVE-2021-20194

Mitre link : CVE-2021-20194


JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

redhat

  • enterprise_linux
  • openshift_container_platform

linux

  • linux_kernel