CVE-2020-8835

Severity: High
Remote: No
Type: Privilege escalation
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier: the verifier calculates register bounds incorrectly while checking 32-bit instructions in an eBPF program. An unprivileged user or process that can execute eBPF programs can use this flaw to crash the kernel, resulting in a denial of service, or potentially to gain root privileges on the system.

Group     Package         Affected        Fixed           Severity  Status  Ticket
AVG-1122  linux           5.5.13.arch1-1  5.5.13.arch2-1  High      Fixed
AVG-1121  linux-lts       5.4.28-1        5.4.28-2        High      Fixed
AVG-1120  linux-hardened  5.5.13.a-1      5.5.13.b-1      High      Fixed

Date         Advisory      Group     Package         Severity  Type
01 Apr 2020  ASA-202004-4  AVG-1122  linux           High      privilege escalation
01 Apr 2020  ASA-202004-3  AVG-1121  linux-lts       High      privilege escalation
01 Apr 2020  ASA-202004-2  AVG-1120  linux-hardened  High      privilege escalation

Workaround: disable unprivileged use of eBPF:
# sysctl -w kernel.unprivileged_bpf_disabled=1

Introduced by:
581738a681b6 ("bpf: Provide better register bounds after jmp32 instructions")