Observable discrepancy in Linux kernel

#VU51774 Observable discrepancy in Linux kernel

Published: 2021-03-29

Vulnerability identifier: #VU51774

Vulnerability risk: Low

CVSSv3.1:

CVE-ID: CVE-2020-27170

CWE-ID: CWE-203

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor:

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in kernel/bpf/verifier.c due to kernel performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations. A local user can run a specially crafted program to gain access to sensitive information.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://www.openwall.com/lists/oss-security/2021/03/24/4
http://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8
http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f232326f6966cf2a1d1db7bc917a4ce5f9f55f76
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/
http://www.openwall.com/lists/oss-security/2021/03/19/2

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

Latest bulletins with this vulnerability

Multiple vulnerabilities in Juniper Networks Session Smart Router

Red Hat Enterprise Linux 7 update for kernel-rt

Red Hat Enterprise Linux 7 update for kernel

CentOS 7 update for kernel

Spectre mitigations bypass in Linux kernel

Ubuntu update for linux