CVE-2021-33624 log

Severity Medium
Remote No
Type Information disclosure
In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
Group Package Affected Fixed Severity Status Ticket
AVG-2097 linux-lts 5.10.45-1 5.10.46-1 Medium Fixed
AVG-2096 linux-hardened 5.12.12.hardened1-1 5.12.13.hardened1-1 Medium Fixed
AVG-2095 linux-zen 5.12.12.zen1-1 5.12.13.zen1-1 Medium Fixed
AVG-2094 linux 5.12.12.arch1-1 5.12.13.arch1-1 Medium Fixed