CVE-2021-38166 log

Severity Medium
Remote No
Type Arbitrary code execution
In kernel/bpf/hashtab.c in the Linux kernel before version 5.13.12, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
Group Package Affected Fixed Severity Status Ticket
AVG-2297 linux-lts 5.10.56-1 5.10.60-1 Medium Fixed
AVG-2296 linux-zen 5.13.10.zen1-1 5.13.12.zen1-1 Medium Fixed
AVG-2295 linux 5.13.10.arch1-1 5.13.12.arch1-1 Medium Fixed
AVG-2234 linux-hardened 5.12.19.hardened1-1 5.13.13.hardened1-1 Medium Fixed