Related Vulnerabilities: CVE-2020-8835  

An out-of-bounds access flaw was found in the Linux kernel's eBPF verifier: it computed incorrect register bounds when checking 32-bit instructions in an eBPF program. This flaw allows an unprivileged user or process to load eBPF programs that crash the kernel, causing a denial of service, or potentially to gain root privileges on the system.

Severity: High

Remote: No

Type: Privilege escalation


Group     Package          Affected          Fixed             Severity  Status
AVG-1122  linux            5.5.13.arch4-1    5.5.13.arch4-1    High      Fixed
AVG-1121  linux-lts        5.4.28-1          5.4.28-2          High      Fixed
AVG-1120  linux-hardened   5.5.13.a-1        5.5.13.b-1        High      Fixed

References:
https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results
https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/
https://www.openwall.com/lists/oss-security/2020/03/30/3

Workaround:
# sysctl -w kernel.unprivileged_bpf_disabled=1
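As an added example (not part of this advisory), a POSIX shell check for whether the workaround is actually in effect on a host, plus a drop-in under /etc/sysctl.d so it survives a reboot, since the sysctl -w above is runtime-only. File and function names are this example's own; the value 2 is only reported by kernels newer than those listed here.

```shell
#!/bin/sh
# Added example, not part of the Arch advisory. Checks the state of the
# kernel.unprivileged_bpf_disabled workaround for CVE-2020-8835 and can
# make it persistent. Paths and function names are this example's own.

SYSCTL_FILE=/proc/sys/kernel/unprivileged_bpf_disabled

# Interpret a raw sysctl value. Prints one of: open, locked, disabled, unknown.
#   0 -> unprivileged users may load eBPF programs (verifier reachable)
#   1 -> disabled; cannot be re-enabled without a reboot
#   2 -> disabled, but root may set it back to 0 (newer kernels only)
bpf_unpriv_status() {
    case "$1" in
        0) echo open ;;
        1) echo locked ;;
        2) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Read the live value, or "missing" if this kernel has no such sysctl.
bpf_unpriv_current() {
    if [ -r "$SYSCTL_FILE" ]; then
        cat "$SYSCTL_FILE"
    else
        echo missing
    fi
}

# Write a persistent drop-in so the setting is re-applied at boot.
# $1 = target directory (defaults to /etc/sysctl.d); returns 1 if it is absent.
bpf_unpriv_persist() {
    dir="${1:-/etc/sysctl.d}"
    [ -d "$dir" ] || return 1
    printf 'kernel.unprivileged_bpf_disabled = 1\n' > "$dir/99-unprivileged-bpf.conf"
}

# Exit 0 when unprivileged eBPF is blocked, 1 when it is still reachable.
bpf_unpriv_check() {
    status=$(bpf_unpriv_status "$(bpf_unpriv_current)")
    echo "kernel.unprivileged_bpf_disabled: $status"
    [ "$status" != open ]
}
```

Run bpf_unpriv_check from a hardening audit and, as root, bpf_unpriv_persist to keep the setting across reboots.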

Introduced by:
581738a681b6 ("bpf: Provide better register bounds after jmp32 instructions")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=581738a681b6faae5725c2555439189ca81c0f1f