CVE-2021-3489 - log

CVE-2021-3489 edited at 14 May 2021 22:09:07
References
https://www.openwall.com/lists/oss-security/2021/05/11/10
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=53eb85cc663089f0eff42679f54ae915dcefc433
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.21&id=646f2a9b0ecc57817352830d4efa409d89542e1d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=1ca284f0867079a34f52a6f811747695828166c6
CVE-2021-3489 edited at 14 May 2021 15:46:50
Description
- A security issue was found in the Linux kernel. It was discovered that eBPF RINGBUF bpf_ringbuf_reserve did not check that the allocated size was smaller than the ringbuf size, leading to an out-of-bounds write.
+ A security issue was found in the Linux kernel before version 5.12.4. It was discovered that eBPF RINGBUF bpf_ringbuf_reserve did not check that the allocated size was smaller than the ringbuf size, leading to an out-of-bounds write.
References
https://www.openwall.com/lists/oss-security/2021/05/11/10
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/kernel/bpf/ringbuf.c?h=v5.12.4&id=53eb85cc663089f0eff42679f54ae915dcefc433
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.12.4&id=53eb85cc663089f0eff42679f54ae915dcefc433
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/kernel/bpf/ringbuf.c?h=v5.10.37&id=1ca284f0867079a34f52a6f811747695828166c6
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.37&id=1ca284f0867079a34f52a6f811747695828166c6
CVE-2021-3489 edited at 14 May 2021 15:36:35
References
https://www.openwall.com/lists/oss-security/2021/05/11/10
- https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/kernel/bpf/ringbuf.c?h=v5.12.4&id=53eb85cc663089f0eff42679f54ae915dcefc433
+ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/kernel/bpf/ringbuf.c?h=v5.10.37&id=1ca284f0867079a34f52a6f811747695828166c6
CVE-2021-3489 edited at 11 May 2021 18:06:23
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ A security issue was found in the Linux kernel. It was discovered that eBPF RINGBUF bpf_ringbuf_reserve did not check that the allocated size was smaller than the ringbuf size, leading to an out-of-bounds write.
References
+ https://www.openwall.com/lists/oss-security/2021/05/11/10
+ https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea
CVE-2021-3489 created at 11 May 2021 18:04:24
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes