Описание
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
A flaw was found in the Linux kernels eBPF implementation. By default, accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can abuse a flaw in eBPF to corrupt memory. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Отчет
This flaw is rated as having Moderate impact as eBPF requires a privileged user on Red Hat Enterprise Linux to correctly load eBPF instructions that can be exploited.
Меры по смягчению последствий
This issue does not affect most systems by default. An administrator would need to have enabled the BPF JIT to be affected. It can be disabled immediately with the command:
echo 0 > /proc/sys/net/core/bpf_jit_enable
Or it can be disabled for all subsequent boots of the system by setting a value in /etc/sysctl.d/44-bpf-jit-disable
start file
net.core.bpf_jit_enable=0
end file
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Out of support scope | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2021:3328 | 31.08.2021 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2021:3327 | 31.08.2021 |
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:1975 | 10.05.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:1988 | 10.05.2022 |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect c ...
Incorrect computation of branch displacements in BPF JIT compilers the Linux kernel can be abused to execute arbitrary code in Kernel mode.
7 High
CVSS3