VDB
CVE-2021-20320
CVE-2021-20320
PUBLISHED
A flaw was found in s390 eBPF JIT in bpf_jit_insn in arch/s390/net/bpf_jit_comp.c in the Linux kernel. In this flaw, a local attacker with special user privilege can circumvent the verifier and may lead to a confidentiality problem.
EPSS 0.10% · 26.4th percentile
Risk Scores
EPSS Score
0.10%
26.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:FIPS-updates:18.04:LTS | linux-aws-fips | 4.15.0-2027.27, 4.15.0-2030.31, 4.15.0-2031.32 |
| Ubuntu:20.04:LTS | linux-oem-5.6 | 5.6.0-1053.57, 5.6.0-1008.8, 5.6.0-1007.7 |
| Ubuntu:18.04:LTS | linux | 4.15.0-24.26, 4.15.0-30.32, 4.15.0-32.35 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-aws-fips | 5.4.0-1021.21+fips2, 0 |
| Ubuntu:24.04:LTS | linux-raspi-realtime | 6.8.0-2019.20, 0 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 5.15.0-1073.75, 0 |
| Ubuntu:18.04:LTS | linux-gcp-4.15 | 4.15.0-1096.109, 4.15.0-1097.110, 4.15.0-1098.111 |
| Ubuntu:18.04:LTS | linux-aws-5.3 | 5.3.0-1016.17~18.04.1, 5.3.0-1023.25~18.04.1, 5.3.0-1030.32~18.04.1 |
| Ubuntu:20.04:LTS | linux-hwe-5.11 | 5.11.0-44.48~20.04.2, 5.11.0-43.47~20.04.2, * |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-azure-fips | 4.15.0-1002.2, 0 |
| Ubuntu:Pro:14.04:LTS | linux-aws | 4.4.0-1065.69, 4.4.0-1014.14, 4.4.0-1017.17 |
| Ubuntu:18.04:LTS | linux-gcp-5.3 | *, 0, 5.3.0-1008.9~18.04.1 |
| Ubuntu:18.04:LTS | linux-aws | 4.15.0-1034.36, 4.15.0-1039.41, 4.15.0-1040.42 |
| Ubuntu:18.04:LTS | linux-gke-5.4 | 5.4.0-1049.52~18.04.1, *, * |
| Ubuntu:18.04:LTS | linux-oracle | 4.15.0-1026.29, 4.15.0-1029.32, 4.15.0-1035.39 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-fips | 0, 5.4.0-1007.8 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-fips | 4.15.0-1011.12, 0 |
| Ubuntu:20.04:LTS | linux | 5.4.0-54.60, 5.4.0-58.64, 5.4.0-59.65 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-gcp-fips | 0, 4.15.0-1001.1 |
| Ubuntu:18.04:LTS | linux-azure-5.4 | 5.4.0-1020.20~18.04.1, 5.4.0-1022.22~18.04.1, 5.4.0-1023.23~18.04.1 |
…and 69 more
Timeline
- Feb 18, 2022 CVE Published
- Feb 19, 2022 EPSS Score
- Apr 12, 2022 EPSS Score
- Jun 3, 2022 EPSS Score
- Jul 26, 2022 EPSS Score
- Sep 16, 2022 EPSS Score
- Nov 7, 2022 EPSS Score
- Dec 29, 2022 EPSS Score
- Feb 19, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 13, 2023 EPSS Score
- Jun 4, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-20320 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-20320 third-party-advisory
- Multiples vulnérabilités dans le noyau Linux de SUSE advisory