CVE-2021-46974
Published: Feb 27, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix, perform the final bitwise and-op unconditionally into AX from the off_reg, then move the pointer from the src to dst and finally use AX as the source for the original pointer arithmetic operation such that the inversion yields a correct result. The single non-AX mov in between is possible given constant blinding is retaining it as it's not an immediate based operation.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ae03b6b1c880a03d4771257336dc3bca156dd51b - < 4d542ddb88fb2f39bf7f14caa2902f3e8d06f6baaffected f92a819b4cbef8c9527d9797110544b2055a4b96 - < 0e2dfdc74a7f4036127356d42ea59388f153f42caffected 979d63d50c0c0f7bc537bf821e056cc9fe5abd38 - < 53e0db429b37a32b8fc706d0d90eb4583ad13848affected 979d63d50c0c0f7bc537bf821e056cc9fe5abd38 - < 2cfa537674cd1051a3b8111536d77d0558f33d5daffected 979d63d50c0c0f7bc537bf821e056cc9fe5abd38 - < 6eba92a4d4be8feb4dc33976abac544fa99d6ecc+6 more versions |
Linux | Linux | affected 5.0unaffected 0 - < 5.0unaffected 4.14.233 - <= 4.14.*unaffected 4.19.190 - <= 4.19.*unaffected 5.4.117 - <= 5.4.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now