USN-4950-1: Linux kernel vulnerabilities
Ryota Shiga discovered that the eBPF implementation in the Linux kernel did
not properly verify that a BPF program only reserved as much memory for a
ring buffer as was allocated. A local attacker could use this to cause a
denial of service (system crash) or execute arbitrary code. (CVE-2021-3489)
Manfred Paul discovered that the eBPF implementation in the Linux kernel
did not properly track bounds on bitwise operations. A local attacker could
use this to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2021-3490)
Billy Jheng Bing-Jhong discovered that the io_uring implementation of the
Linux kernel did not properly enforce the MAX_RW_COUNT limit in some
situations. A local attacker could use this to cause a denial of service
(system crash) or execute arbitrary code. (CVE-2021-3491)
Norbert Slusarek discovered that the CAN ISOTP protocol implementation
in the Linux kernel contained a race condition. A local attacker could
use this to cause a denial of service (system crash) or possibly
execute arbitrary code. Please note that to address this issue,
SF_BROADCAST support was removed temporarily from the CAN ISOTP
implementation in Ubuntu 21.04 kernels. (LP: #1927409)
Source: USN-4950-1: Linux kernel vulnerabilities
Leave a Reply