CVE-2021-4001

Severity Medium
Remote No
Type Privilege escalation
Description
When a map is read-only for the eBPF program and is frozen, the eBPF verifier takes values directly from the map and uses them during verification. If, after the eBPF program has passed verification, a race condition bug is used to modify the contents of the frozen map, all of the verifier's assumptions become invalid, which may also lead to local privilege escalation.
Group     Package         Affected             Fixed               Severity  Status  Ticket
AVG-2595  linux-lts       5.10.82-1            5.10.83-1           Medium    Fixed
AVG-2586  linux-zen       5.15.4.zen1-1        5.15.5.zen1-1       Medium    Fixed
AVG-2585  linux           5.15.4.arch1-1       5.15.5.arch1-1      Medium    Fixed
AVG-2524  linux-hardened  5.14.21.hardened1-1  5.15.5.hardened1-1  Medium    Fixed
References
https://bugzilla.redhat.com/show_bug.cgi?id=2025645
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.5&id=a5d1d3522232b4af1f5dee02d381e6fa86be8e2d
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.83&id=33fe044f6a9e8977686a6a09f0bf33e5cc75257e