exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2021-29154

Status Candidate

Overview

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

Related Files

Red Hat Security Advisory 2021-3653-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3653-01 - Red Hat Advanced Cluster Management 2.1.11 security fix and container updates are available.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23017, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-36222, CVE-2021-3653, CVE-2021-37750
MD5 | ef43f11cebe0cd0e7f13da5997e4271e
Red Hat Security Advisory 2021-3454-01
Posted Sep 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3454-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs and security issues.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-20149, CVE-2020-27777, CVE-2021-22543, CVE-2021-22555, CVE-2021-27218, CVE-2021-29154, CVE-2021-29650, CVE-2021-31535, CVE-2021-32399, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3609
MD5 | 9fe56b076bba5afdd4b2766eaf38b13f
Red Hat Security Advisory 2021-3327-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3327-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-27777, CVE-2021-22555, CVE-2021-29154, CVE-2021-29650, CVE-2021-32399
MD5 | 492c0820f1ea8aca21b5d7f7d0f8bbb3
Red Hat Security Advisory 2021-3328-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3328-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, out of bounds write, and privilege escalation vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2021-22555, CVE-2021-29154, CVE-2021-29650, CVE-2021-32399
MD5 | 3c2f065712729fdd928b966fe35e35f3
Kernel Live Patch Security Notice LSN-0076-1
Posted May 3, 2021
Authored by Benjamin M. Romer

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | b564ede11c90d1a439897db81efbd24b
Ubuntu Security Notice USN-4916-2
Posted Apr 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-2 - USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately, the fix for CVE-2021-3493 introduced a memory leak in some situations. This update fixes the problem. It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability, memory leak
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | 463f8608bb8c56e58878d9bf6dca9de5
Ubuntu Security Notice USN-4917-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4917-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3492, CVE-2021-3493
MD5 | a63c6add6b05cf17bc9226159741c86f
Ubuntu Security Notice USN-4916-1
Posted Apr 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4916-1 - It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-29154, CVE-2021-3493
MD5 | 51ebf05c69b14b4b5df3a811f767345a
Ubuntu Security Notice USN-4912-1
Posted Apr 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4912-1 - Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, x86, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0423, CVE-2020-0465, CVE-2020-0466, CVE-2020-14351, CVE-2020-14390, CVE-2020-25285, CVE-2020-25645, CVE-2020-25669, CVE-2020-27830, CVE-2020-36158, CVE-2021-20194, CVE-2021-29154, CVE-2021-3178, CVE-2021-3411
MD5 | 1bded3d10c58ff192a0d70e344750ce6
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close