SecuritySpace - CVE-2021-20194

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-20194

Description: There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

Test IDs: 1.3.6.1.4.1.25623.1.0.878937 1.3.6.1.4.1.25623.1.0.878934

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-20194
https://bugzilla.redhat.com/show_bug.cgi?id=1912683
https://bugzilla.redhat.com/show_bug.cgi?id=1912683
https://security.netapp.com/advisory/ntap-20210326-0003/
https://security.netapp.com/advisory/ntap-20210326-0003/

CVE ID:	CVE-2021-20194
Description:	There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
Test IDs:	1.3.6.1.4.1.25623.1.0.878937 1.3.6.1.4.1.25623.1.0.878934
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-20194 https://bugzilla.redhat.com/show_bug.cgi?id=1912683 https://bugzilla.redhat.com/show_bug.cgi?id=1912683 https://security.netapp.com/advisory/ntap-20210326-0003/ https://security.netapp.com/advisory/ntap-20210326-0003/