CVE-2021-4204
eBPF Improper Input Validation Vulnerability
References
Notes
carnil> Similar issue with CVE-2021-34866.
carnil> To be checked, fixed as well with the refactoring in
carnil> c25b2ae13603 ("bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX
carnil> | PTR_MAYBE_NULL")?
carnil> Introduced after 457f44363a88 ("bpf: Implement BPF ring buffer
carnil> and verifier support for it") in 5.8-rc1.
carnil> Fixed as well in 5.15.17 for 5.15.y.
carnil> The main fix seems to be 64620e0a1e71 ("bpf: Fix out of bounds
carnil> access for ringbuf helpers") but has pre-requisite work done.
Bugs
Status
| Branch |
Status |
| upstream |
released (5.17-rc1) [be80a1d3f9dbe5aee79a325964f7037fe2d92f30, d400a6cf1c8a57cdf10f35220ead3284320d85ff, 6788ab23508bddb0a9d88e104284922cb2c22b77, 64620e0a1e712a778095bd35cbb277dc2259281f, a672b2e36a648afb04ad3bda93b6bda947a479a5, 722e4db3ae0d52b2e3801280afbe19cf2d188e91, 37c8d4807d1b8b521b30310dce97f6695dc2c2c6]
|
| 6.18-upstream-stable |
|
| 6.17-upstream-stable |
|
| 6.12-upstream-stable |
|
| 6.6-upstream-stable |
|
| 6.1-upstream-stable |
N/A "Fixed before branch point"
|
| 5.10-upstream-stable |
needed
|
| 4.19-upstream-stable |
N/A "Vulnerable code introduced later"
|
| 4.9-upstream-stable |
N/A "Vulnerable code introduced later"
|
| sid |
released (5.17.3-1)
|
| 6.12-trixie-security |
|
| 6.1-bookworm-security |
N/A "Fixed before branch point"
|
| 5.10-bullseye-security |
needed
|
| 4.19-buster-security |
N/A "Vulnerable code introduced later"
|
| 4.9-stretch-security |
N/A "Vulnerable code introduced later"
|
