A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel . In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.
Uncovered three miscompilation issues in the s390 eBPF JIT. They can be used by an unprivileged local user to circumvent the verifier and gain root privileges. This series fixes all 3; no new tests are required since Johan's tests will be integrated upstream.
- 2 fixes are for initial s390x eBPF JIT compiler backend implementation, v4.1+
- 1 fix v5.5+
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2012561]
This was fixed for Fedora with the 5.14.7 stable kernel update.