QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2021-3490

Back to search

CVE-2021-3490

Published: Jun 4, 2021

Modified: Sep 16, 2024

PUBLISHED

CVSS v3.1

7.8

HIGH

Description

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1).

VendorProductVersions

Linux

Linux kernel

affected
trunk - < v5.13-rc4
affected
linux-5.12.y - < v5.12.4
affected
linux-5.11.y - < v5.11.21
affected
linux-5.10.y - < v5.10.37
affected
v5.7-rc1 - < 5.7*

Weaknesses (CWE)

CWE-787
CWE-20

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

References

https://ubuntu.com/security/notices/USN-4950-1
vendor-advisory
x_refsource_UBUNTU
https://ubuntu.com/security/notices/USN-4949-1
vendor-advisory
x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now