VDB
CVE-2021-3444
CVE-2021-3444
PUBLISHED
The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 ("bpf: Fix truncation handling for mod32 dst reg wrt zero") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.
EPSS 0.03% · 9.3th percentile
Risk Scores
EPSS Score
0.03%
9.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | linux-gke-5.3 | *, *, 5.3.0-1039.42 |
| Ubuntu:18.04:LTS | linux-aws-5.4 | 5.4.0-1025.25~18.04.1, 5.4.0-1018.18~18.04.1, 5.4.0-1020.20~18.04.2 |
| Ubuntu:18.04:LTS | linux-oracle-5.0 | 5.0.0-1008.13~18.04.1, 5.0.0-1013.18, 5.0.0-1014.19 |
| Ubuntu:18.04:LTS | linux-gcp-5.4 | 5.4.0-1029.31~18.04.1, 5.4.0-1028.29~18.04.1, 5.4.0-1024.24~18.04.1 |
| Ubuntu:20.04:LTS | linux-riscv-5.8 | 0, 5.8.0-14.16~20.04.1, 5.8.0-14.16~20.04.3 |
| Ubuntu:20.04:LTS | linux-hwe-5.8 | 0, *, * |
| Ubuntu:20.04:LTS | linux-azure | 5.3.0-1003.3, 5.4.0-1025.25, 5.4.0-1022.22 |
| Ubuntu:18.04:LTS | linux-hwe-5.4 | *, *, 5.4.0-64.72~18.04.1 |
| Ubuntu:18.04:LTS | linux-gcp-5.3 | 5.3.0-1012.13~18.04.1, 0, 5.3.0-1008.9~18.04.1 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 5.15.0-1073.75, 0 |
| Ubuntu:18.04:LTS | linux-gcp | 4.15.0-1027.28, 4.15.0-1026.27, 4.15.0-1025.26 |
| Ubuntu:Pro:FIPS:20.04:LTS | linux-aws-fips | 5.4.0-1021.21+fips2, 0 |
| Ubuntu:18.04:LTS | linux-azure | 5.0.0-1023.24~18.04.1, *, * |
| Ubuntu:18.04:LTS | linux-raspi2-5.3 | 5.3.0-1033.35, 5.3.0-1035.37, 5.3.0-1036.38 |
| Ubuntu:16.04:LTS | linux-hwe-edge | *, *, 0 |
| Ubuntu:18.04:LTS | linux-gcp-edge | 0, *, * |
| Ubuntu:20.04:LTS | linux-oem-5.6 | 5.6.0-1033.35, 5.6.0-1011.11, 5.6.0-1010.10 |
| Ubuntu:22.04:LTS | linux-realtime | 5.15.0-1032.35, 0 |
| Ubuntu:20.04:LTS | linux-kvm | 5.4.0-1009.9, 0, 5.3.0-1003.3 |
| Ubuntu:Pro:FIPS-updates:20.04:LTS | linux-gcp-fips | 5.4.0-1021.21+fips1, 0 |
…and 29 more
Timeline
- Mar 23, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-3444 third-party-advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9b00f1b78809309163dda2d044d9e94a3c0248a3 third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/03/23/2 third-party-advisory
- https://ubuntu.com/security/notices/USN-4887-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-3444 third-party-advisory