CVE-2021-29155 log

Source
Severity Medium
Remote No
Type Information disclosure
Description
An issue has been discovered in the Linux kernel before version 5.11.16 in the mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). Unprivileged BPF programs running on affected systems can bypass the protection and execute speculatively out-of-bounds loads from the kernel memory. This can be abused to extract the contents of the kernel memory via a side-channel. The identified gap is that when protecting sequences of pointer arithmetic operations against speculatively out-of-bounds loads, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.
Group Package Affected Fixed Severity Status Ticket
AVG-1854 linux-lts 5.10.31-1 5.10.32-1 Medium Fixed
AVG-1853 linux-zen 5.11.15.zen1-2 5.11.16.zen1-1 Medium Fixed
AVG-1852 linux-hardened 5.11.15.hardened1-1 5.11.16.hardened1-1 Medium Fixed
AVG-1851 linux 5.11.15.arch1-2 5.11.16.arch1-1 Medium Fixed
References
https://www.openwall.com/lists/oss-security/2021/04/18/4
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=4ccdc6c6cae38b91c871293fb0ed8c6845a61b51
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=1611010fa388974b61cd6362c49d3fd1e31e2126
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=af2bb00759b8810ec652a57d73158baf5a7b3a59
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=4aa1f14c519b96c66b63fb16122d6c3a04680bc6
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=5cba7ca00dae28bec6e13684b7a0ec83c64cd72e
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.16&id=8a39972ed3cec42163abc71787d7fc11bf316c78
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=4f3ff11204eac0ee23acf64deecb3bad7b0db0c6
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=589fd9684dfafee37c60abde4ca3c0af723be3b3
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=480d875f12424a86fd710e8762ed1e23b7f02572
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=55565c30790839b40311c270a8b1a437ae9b2769
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=7723d3243857ab20f6450cfbbd765d8594e5e308
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.32&id=fbe6603e7cabad8a203a764300531e9ca811317a