Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-20194

Опубликовано: 23 фев. 2021
Источник: nvd
CVSS3: 7.8
CVSS2: 4.6
EPSS Низкий

Описание

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 30%
0.00105
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20
CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2021-20194

CVSS3: 7.8
ubuntu
больше 4 лет назад

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

redhat логотип

CVE-2021-20194

CVSS3: 7
redhat
больше 4 лет назад

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

msrc логотип

CVE-2021-20194

CVSS3: 7.8
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2021-20194

CVSS3: 7.8
debian
больше 4 лет назад

There is a vulnerability in the linux kernel versions higher than 5.2 ...

github логотип

GHSA-vw35-vgjr-5jhv

CVSS3: 7.8
github
около 3 лет назад

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

EPSS

Процентиль: 30%
0.00105
Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20
CWE-787