VDB

GCVE-VVD-MAGEIA-2021-225

GCVE-VVD-MAGEIA-2021-225
Advisory Published
Vulnetix · Advisory published December 1, 2021
This kernel-linus update is based on upstream 5.10.41 and fixes at least the following security issue: kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit (CVE-2021-33200). For other upstream fixes, see the referenced changelogs.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiavirtualbox0 (affected), 6.1.30-1.mga8 (unaffected)
Mageiakmod-virtualbox0 (affected), 6.1.30-1.mga8 (unaffected)
Mageiakernel-linus0 (affected), 5.10.41-1.mga7 (unaffected), 0 (affected), 5.10.41-1.mga7 (unaffected)
Mageiakernel-linus0 (affected), 5.10.41-1.mga8 (unaffected), 0 (affected), 5.10.41-1.mga8 (unaffected)

References

Updated kernel-linus packages fix security vulnerability
advisory
Updated kernel-linus packages fix security vulnerability
issue
Updated kernel-linus packages fix security vulnerability
issue
Updated kernel-linus packages fix security vulnerability
issue
Updated kernel-linus packages fix security vulnerability
issue
Updated kernel-linus packages fix security vulnerability
issue
Virtualbox 6.1.30 maintenance release
advisory
Virtualbox 6.1.30 maintenance release
issue
Virtualbox 6.1.30 maintenance release
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›