CVE-2021-33624
Description
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
Risk Information
Base Score
4.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.473
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.62.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.62.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.62.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.62.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.62.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.62.1.x86_64.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.62.1.noarch.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.62.1.noarch.rpm | Linux |
| SUSE-SU-2021:2321-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.62.1.x86_64.rpm | Linux |
| Linux kernel (USN-5092-1) linux-image-aws_5.11.0.1019.20_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-aws_5.11.0.1019.20~20.04.18_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-gcp_5.11.0.1020.20_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-gke_5.11.0.1020.20_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-kvm_5.11.0.1017.18_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-oracle_5.11.0.1019.20_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-generic_5.11.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-virtual_5.11.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-oem-20.04_5.11.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-lowlatency_5.11.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-1017-kvm_5.11.0-1017.18_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-1019-aws_5.11.0-1019.20_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-1019-aws_5.11.0-1019.20~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-1020-gcp_5.11.0-1020.22_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-37-generic_5.11.0-37.41_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-1019-oracle_5.11.0-1019.20_amd64.deb | Linux |
| Linux kernel (USN-5092-1) linux-image-5.11.0-37-lowlatency_5.11.0-37.41_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-azure_5.11.0.1017.18_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-oracle_5.11.0.1019.20~20.04.12_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-azure-edge_5.11.0.1017.18~20.04.16_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-5.11.0-1017-azure_5.11.0-1017.18_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-5.11.0-1017-azure_5.11.0-1017.18~20.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-5.11.0-37-generic_5.11.0-37.41~20.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-generic-hwe-20.04_5.11.0.37.41~20.04.16_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-virtual-hwe-20.04_5.11.0.37.41~20.04.16_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-5.11.0-1019-oracle_5.11.0-1019.20~20.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-5.11.0-37-lowlatency_5.11.0-37.41~20.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-5092-2) linux-image-lowlatency-hwe-20.04_5.11.0.37.41~20.04.16_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5115-1) linux-image-oem-20.04_5.10.0.1050.52_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5115-1) linux-image-oem-20.04b_5.10.0.1050.52_amd64.deb | Linux |
| Linux kernel for OEM systems (USN-5115-1) linux-image-5.10.0-1050-oem_5.10.0-1050.52_amd64.deb | Linux |
| kernel Security Update (ALAS-2021-1685) kernel-livepatch-4.14.238-182.421-1.0-0.amzn2.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234