Vulnerability Details : CVE-2021-20194
There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.
Vulnerability category: Memory CorruptionInput validation
Threat overview for CVE-2021-20194
Top countries where our scanners detected CVE-2021-20194
Top open port discovered on systems with this issue 53
IPs affected by CVE-2021-20194 60,029
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2021-20194!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2021-20194
Probability of exploitation activity in the next 30 days: 0.04%
CVSS scores for CVE-2021-20194
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2021-20194
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: firstname.lastname@example.org (Primary)
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: email@example.com (Secondary)
References for CVE-2021-20194
CVE-2021-20194 Linux Kernel Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
1912683 – (CVE-2021-20194) CVE-2021-20194 kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()Issue Tracking;Patch;Third Party Advisory
Products affected by CVE-2021-20194