CVE-2021-20194
Description
There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.05
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-4879-1) linux-image-aws_5.8.0.1025.27_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-gcp_5.8.0.1024.24_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-gke_5.8.0.1024.24_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-kvm_5.8.0.1020.22_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-azure_5.8.0.1024.24_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-oracle_5.8.0.1022.21_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-generic_5.8.0.45.50_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-virtual_5.8.0.45.50_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-oem-20.04_5.8.0.45.50_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-lowlatency_5.8.0.45.50_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-1020-kvm_5.8.0-1020.22_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-1024-gcp_5.8.0-1024.25_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-1025-aws_5.8.0-1025.27_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-1024-azure_5.8.0-1024.26_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-45-generic_5.8.0-45.51_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-45-generic_5.8.0-45.51~20.04.1+1_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-1022-oracle_5.8.0-1022.23_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-generic-hwe-20.04_5.8.0.45.51~20.04.31_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-virtual-hwe-20.04_5.8.0.45.51~20.04.31_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-45-lowlatency_5.8.0-45.51_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-45-lowlatency_5.8.0-45.51~20.04.1+1_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-lowlatency-hwe-20.04_5.8.0.45.51~20.04.31_amd64.deb | Linux |
| Linux kernel (USN-4879-1) linux-image-5.8.0-45-generic_5.8.0-45.51~20.04.1_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-4884-1) linux-image-oem-20.04b_5.10.0.1017.18_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-4884-1) linux-image-5.10.0-1017-oem_5.10.0-1017.18_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-aws_5.4.0.1043.26_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-aws_5.4.0.1043.44_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-gcp_5.4.0.1041.28_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-gcp_5.4.0.1041.50_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-kvm_5.4.0.1037.35_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-oem_5.4.0.71.74_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-oem_5.4.0.71.79~18.04.64_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-azure_5.4.0.1044.24_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-azure_5.4.0.1044.42_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-gkeop_5.4.0.1013.16_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-oracle_5.4.0.1042.39_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-oracle_5.4.0.1042.45~18.04.24_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-generic_5.4.0.71.74_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-gke-5.4_5.4.0.1040.42~18.04.7_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-virtual_5.4.0.71.74_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-oem-osp1_5.4.0.71.74_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-oem-osp1_5.4.0.71.79~18.04.64_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-gkeop-5.4_5.4.0.1013.16_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-gkeop-5.4_5.4.0.1013.14~18.04.14_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-lowlatency_5.4.0.71.74_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1037-kvm_5.4.0-1037.38_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1040-gke_5.4.0-1040.42~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1041-gcp_5.4.0-1041.44_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1041-gcp_5.4.0-1041.44~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1043-aws_5.4.0-1043.45_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1043-aws_5.4.0-1043.45~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1013-gkeop_5.4.0-1013.14_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1013-gkeop_5.4.0-1013.14~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1044-azure_5.4.0-1044.46_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1044-azure_5.4.0-1044.46~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-71-generic_5.4.0-71.79_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-71-generic_5.4.0-71.79~18.04.1_i386.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-71-generic_5.4.0-71.79~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1042-oracle_5.4.0-1042.45_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-1042-oracle_5.4.0-1042.45~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-generic-hwe-18.04_5.4.0.71.79~18.04.64_i386.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-generic-hwe-18.04_5.4.0.71.79~18.04.64_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-virtual-hwe-18.04_5.4.0.71.79~18.04.64_i386.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-virtual-hwe-18.04_5.4.0.71.79~18.04.64_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-71-lowlatency_5.4.0-71.79_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-71-lowlatency_5.4.0-71.79~18.04.1_i386.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-5.4.0-71-lowlatency_5.4.0-71.79~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-lowlatency-hwe-18.04_5.4.0.71.79~18.04.64_i386.deb | Linux |
| Linux kernel (USN-4909-1) linux-image-lowlatency-hwe-18.04_5.4.0.71.79~18.04.64_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-4912-1) linux-image-oem-20.04_5.6.0.1053.49_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-4912-1) linux-image-5.6.0-1053-oem_5.6.0-1053.57_amd64.deb | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update bpftool-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-abi-stablelists-4.18.0-348.el8.noarch.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-core-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-cross-headers-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-core-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-devel-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-modules-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-debug-modules-extra-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-devel-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-doc-4.18.0-348.el8.noarch.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-headers-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-modules-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-modules-extra-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-tools-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update kernel-tools-libs-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update perf-4.18.0-348.el8.x86_64.rpm | Linux |
| (RHSA-2021:4356) kernel security, bug fix, and enhancement update python3-perf-4.18.0-348.el8.x86_64.rpm | Linux |
| Improper Input Validation Vulnerability (CVE-2021-20194) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234