A security issue was found in the Linux kernel. It was discovered that eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) did not update the 32-bit bounds, leading to out-of-bounds reads and writes in the kernel.
A security issue was found in the Linux kernel. It was discovered that eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) did not update the 32-bit bounds, leading to out-of-bounds reads and writes in the kernel.
https://www.openwall.com/lists/oss-security/2021/05/11/11 https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e