Back to bug 1923816

Who When What Removed Added
Pedro Sampaio 2021-02-02 01:13:46 UTC Depends On 1923817
Pedro Sampaio 2021-02-02 01:13:48 UTC Blocks 1923818
Alex 2021-02-09 08:56:34 UTC CC dramseur, jhunter, jminter, kmitts, mgala, mjudeiki
Doc Text A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling dev_map_create_hash.
A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
Alex 2021-02-09 16:06:36 UTC Doc Text A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling dev_map_create_hash.
A local user could use this flaw to crash the system or possibly escalate their privileges on the system. 		A flaw memory out of bounds reads and writes in the Linux kernel BPF subsystem was found in the way user running BPF script that calls dev_map_alloc.
A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
Alex 2021-02-09 16:11:24 UTC Doc Text A flaw memory out of bounds reads and writes in the Linux kernel BPF subsystem was found in the way user running BPF script that calls dev_map_alloc.
A local user could use this flaw to crash the system or possibly escalate their privileges on the system. 		A flaw out-of-bounds access in the Linux kernel's implementation of the eBPF code verifier was found in the way user running eBPF script that calls dev_map_alloc.
A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
Alex 2021-02-09 16:17:49 UTC Depends On 1926906, 1926905
Alex 2021-02-09 16:20:17 UTC Depends On 1926908
Alex 2021-02-09 16:25:11 UTC Doc Text A flaw out-of-bounds access in the Linux kernel's implementation of the eBPF code verifier was found in the way user running eBPF script that calls dev_map_alloc.
A local user could use this flaw to crash the system or possibly escalate their privileges on the system. 		A flaw out-of-bounds access in the Linux kernel's implementation of the eBPF code verifier was found in the way user running eBPF script that calls dev_map_alloc. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.
Jim Minter 2021-02-11 17:54:07 UTC CC jminter
Florencio Cano 2021-02-24 16:04:36 UTC CC bdettelb, tomckay
Florencio Cano 2021-02-24 16:06:25 UTC Depends On 1932448, 1932449, 1932450, 1932451
Pedro Sampaio 2021-03-04 18:03:30 UTC Summary kernel: eBPF Improper Input Validation CVE-2021-20268 kernel: eBPF Improper Input Validation
Alias CVE-2021-20268
Pedro Sampaio 2021-03-04 18:05:06 UTC Blocks 1935371
Salvatore Bonaccorso 2021-03-05 08:05:55 UTC CC carnil
Flags needinfo?(psampaio)
Pedro Sampaio 2021-03-05 11:22:24 UTC CC allarkin
Flags needinfo?(psampaio) needinfo?(allarkin)
RaTasha Tillery-Smith 2021-03-05 14:43:31 UTC Doc Text A flaw out-of-bounds access in the Linux kernel's implementation of the eBPF code verifier was found in the way user running eBPF script that calls dev_map_alloc. A local user could use this flaw to crash the system or possibly escalate their privileges on the system. An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Alex 2021-03-07 14:51:42 UTC Doc Text An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_alloc or dev_map_create_hash. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Flags needinfo?(allarkin)
Alex 2021-03-07 16:47:27 UTC Doc Text An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_alloc or dev_map_create_hash. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Yasuhiro Ozone 2021-03-16 02:20:22 UTC CC yozone
Yasuhiro Ozone 2021-03-16 02:32:57 UTC CC security-response-team
Flags needinfo?(security-response-team)
Product Security DevOps Team 2021-03-16 02:36:22 UTC Flags needinfo?(security-response-team) needinfo?(allarkin)
Alex 2021-03-16 11:27:45 UTC Flags needinfo?(allarkin)
Yasuhiro Ozone 2021-03-16 11:46:28 UTC Flags needinfo?(allarkin)
Yasuhiro Ozone 2021-03-16 21:44:06 UTC Flags needinfo?(allarkin)
Red Hat Bugzilla 2021-05-30 12:02:20 UTC CC blc
Red Hat Bugzilla 2021-05-30 12:43:01 UTC CC bhu
Jeff Fearn 🐞 2021-06-03 11:13:54 UTC CC blc
Jeff Fearn 🐞 2021-06-03 11:53:04 UTC CC bhu
Red Hat Bugzilla 2021-09-15 05:46:24 UTC CC jglisse
Red Hat Bugzilla 2021-10-28 18:54:02 UTC CC mjudeiki
Alex 2021-11-09 15:03:52 UTC Status NEW CLOSED
Resolution --- NOTABUG
Last Closed 2021-11-09 15:03:52 UTC

Back to bug 1923816