Bug 2036024 (CVE-2021-4159) - CVE-2021-4159 kernel: another kernel ptr leak vulnerability via BPF in coerce_reg_to_size
Keywords:
Status: NEW
Alias: CVE-2021-4159
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2040557 2040558 2040559 2041295 2047752
Blocks: 2032804
Reported: 2021-12-29 10:40 UTC by Dhananjay Arunesh
Modified: 2024-01-19 19:11 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code into the kernel can use this to leak internal kernel memory details, defeating some of the exploit mitigations in place for the kernel.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Dhananjay Arunesh 2021-12-29 10:40:20 UTC
A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code into the kernel can use this to leak internal kernel memory details, defeating some of the exploit mitigations in place for the kernel.

Comment 8 Guilherme de Almeida Suckevicz 2022-01-28 13:24:56 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2047752]

Comment 9 Justin M. Forbes 2022-01-31 22:50:13 UTC
This was fixed for Fedora with the 5.7.x kernel rebases.

