Published: 06/05/2021 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

kernel/bpf/verifier.c in the Linux kernel up to and including 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel
fedoraproject fedora 32
fedoraproject fedora 33
fedoraproject fedora 34
debian debian linux 9.0

kernel: refcount leak in llcp_sock_bind() (CVE-2020-25670) kernel: refcount leak in llcp_sock_connect() (CVE-2020-25671) kernel: memory leak in llcp_sock_connect() (CVE-2020-25672) An issue was discovered in the Linux kernel related to mm/gupc and mm/huge_memoryc The get_user_pages (aka gup) implementation, when used for a copy-on-write page, do ...

An issue has been discovered in the Linux kernel mechanism to mitigate speculative loads (Spectre mitigation) Unprivileged BPF programs running on affected systems can bypass the protection and execute speculative loads from the kernel stack This can be abused to extract contents of the stack via side-channel The extracted contents may include a ...

An issue was discovered in the Linux kernel related to mm/gupc and mm/huge_memoryc The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access (CVE-2020-29374) A use-after-free flaw was found in the Linux kernel's SCT ...

A use-after-free flaw was found in the Linux kernel's NFC LLCP protocol implementation in the way the user performs manipulation with an unknown input for the llcp_sock_bind() function This flaw allows a local user to crash or escalate their privileges on the system (CVE-2020-25670) A use-after-free flaw was found in the Linux kernel's NFC LLCP p ...

oss-sec mailing list archives   By Date By Thread </form>    [CVE-2021-31829] Linux kernel protection of stack pointer against speculative pointer arithmetic can be bypassed to leak conten ...

CWE-863 http://www.openwall.com/lists/oss-security/2021/05/04/4 https://github.com/torvalds/linux/commit/801c6058d14a82179a7ee17a4b532cac6fad067f https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4X2G5YAPYJGI3PFEZZNOTRYI33GOCCZ/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VWCZ6LJLENL2C3URW5ICARTACXPFCFN2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZI7OBCJQDNWMKLBP6MZ5NV4EUTDAMX6Q/https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2021-1503.html

CVE-2021-31829

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect