Vulnerability Details : CVE-2021-31829
kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel.
Products affected by CVE-2021-31829
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-31829
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 13 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-31829
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2021-31829
-
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-31829
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZI7OBCJQDNWMKLBP6MZ5NV4EUTDAMX6Q/
[SECURITY] Fedora 33 Update: kernel-5.11.19-200.fc33 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
[SECURITY] [DLA 2690-1] linux-4.19 security updateMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VWCZ6LJLENL2C3URW5ICARTACXPFCFN2/
[SECURITY] Fedora 34 Update: kernel-tools-5.11.19-300.fc34 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/05/04/4
oss-security - [CVE-2021-31829] Linux kernel protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memoryMailing List;Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4X2G5YAPYJGI3PFEZZNOTRYI33GOCCZ/
[SECURITY] Fedora 32 Update: kernel-5.11.19-100.fc32 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://github.com/torvalds/linux/commit/801c6058d14a82179a7ee17a4b532cac6fad067f
bpf: Fix leakage of uninitialized bpf stack under speculation · torvalds/linux@801c605 · GitHubPatch;Third Party Advisory
Jump to