CVE-2021-29648 log

Source
Severity Low
Remote No
Type Denial of service
Description
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt (in map_create in kernel/bpf/syscall.c or check_btf_info in kernel/bpf/verifier.c), aka CID-350a5c4dd245.
Group Package Affected Fixed Severity Status Ticket
AVG-1741 linux-lts 5.10.54-1 Medium Vulnerable
AVG-1749 linux-zen 5.11.10.zen1-1 5.11.11.zen1-1 Medium Fixed
AVG-1748 linux-hardened 5.11.10.hardened1-1 5.11.11.hardened1-1 Medium Fixed
AVG-1747 linux 5.11.10.arch1-1 5.11.11.arch1-1 Medium Fixed
References
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.11&id=a9b2ab5db842da37e0f8d830d2a57688d77e3556