CVE-2021-20268

Updated: 2024-11-30 03:36:37.010847

Description:

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.6
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2021-12-09 07:57:19
CentOS 7 ELS kernel 3.10.0 7.8 HIGH Not Vulnerable 2023-11-02 09:35:32
CentOS 8.4 ELS kernel 4.18.0 7.8 HIGH Not Vulnerable 2022-02-15 12:04:40
CentOS 8.5 ELS kernel 4.18.0 7.8 HIGH Ignored 2022-02-21 05:39:39
CloudLinux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2022-03-30 18:50:57
Oracle Linux 6 ELS kernel 2.6.32 7.8 HIGH Not Vulnerable 2022-03-30 18:50:56
Ubuntu 16.04 ELS linux 4.4.0 7.8 HIGH Not Vulnerable 2022-02-17 08:55:46
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.8 HIGH Not Vulnerable 2022-10-04 14:02:36
Ubuntu 18.04 ELS linux 4.15.0 7.8 HIGH Not Vulnerable 2023-08-28 21:18:48