Описание
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
A flaw was found in the Linux kernel. An integer overflow can allow an out-of-bounds write when many elements are placed in a hash's bucket. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Меры по смягчению последствий
The default Red Hat Enterprise Linux kernel setting prevents unprivileged users from being able to use eBPF via the kernel.unprivileged_bpf_disabled sysctl. As such, exploiting this issue would require a privileged user with CAP_SYS_ADMIN or root. For the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled. For the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command: cat /proc/sys/kernel/unprivileged_bpf_disabled The setting of 1 (default) would mean that unprivileged users cannot use eBPF. Otherwise, to disable eBPF for unprivileged users, add: kernel.unprivileged_bpf_disabled = 1 To the file "/etc/sysctl.d/disable-ebpf.conf" Then running the following command as root:
sudo sysctl --system
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Out of support scope | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel | Affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Affected | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
6.4 Medium
CVSS3
Связанные уязвимости
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8 there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is a ...
In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
EPSS
6.4 Medium
CVSS3