CVE-2020-27170 log

Severity Medium
Remote No
Type Information disclosure
A gap in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation) has been identified. Unprivileged BPF programs running on affected systems can bypass the protection and execute speculatively out-of-bounds loads from any location within the kernel memory. This can be abused to extract contents of kernel memory via side-channel. The identified gap is that unprivileged BPF programs are allowed to perform pointer arithmetic on particular pointer types not defining ptr_limit. Pointer arithmetic on such pointer types is not protected against out-of-bounds speculation. The issue is fixed in kernel versions 5.11.8 and 5.10.25.
Group Package Affected Fixed Severity Status Ticket
AVG-1714 linux-lts 5.10.24-1 5.10.25-1 Medium Fixed
AVG-1713 linux-zen 5.11.7.zen1-1 5.11.8.zen1-1 Medium Fixed
AVG-1712 linux-hardened 5.11.7.hardened1-1 5.11.8.hardened1-1 Medium Fixed
AVG-1711 linux 5.11.7.arch1-1 5.11.8.arch1-1 Medium Fixed