CVE-2021-20194
Published Feb 23, 2021
Last updated 2 years ago
Overview
- Description
- There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52C57624-28DE-4E03-B6EF-F09CC640D9F0",
"versionStartExcluding": "5.2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44C5E433-229C-4BB9-8481-8A74AFA8DB8E"
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D432C063-0805-4151-A819-508FE8954101"
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B62E762-2878-455A-93C9-A5DB430D7BB5"
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
],
"operator": "OR"
}
]
}
]