In the EBPF subsystem, which allows you to run handlers inside the Linux kernel in a special virtual machine with JIT, Detected Vulnerability ( CVE-2021-3600 ), allowing a local unprivileged user to achieve execution Your code at the Linux kernel level. The problem is caused by the incorrect truncation of 32-bit registers when performing “div” and “mod” operations, which can lead to reading and writing data abroad of the selected memory area.
Vulnerability is made in incorrect Correction 32-bit division on zero in the release of 4.15, which was also biscorthized in the branches 4.4.x, 4.9.x and 4.14.x. Operation of vulnerability is possible for nuclei, starting from version 4.14, in which it was Changed Method for tracking values in the BPF verifier. Problem Eliminated in Linux 5.11 kernel. Correction is boopported in branches 5.10.x and 5.4.x, but not transferred to the branches 4.19.x and 4.14.x. Update with a vulnerability correction released for ubuntu and Debian Sid . Is there a problem in SUSE and Rhel is not yet clear.