MGASA-2021-0398

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2021-34556 CVE-2021-35477

Published: 07 Aug 2021, 09:31

Last modified:16 Apr 2026, 04:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

07 Aug 2021, 09:31

Published

Vulnerability first disclosed

16 Apr 2026, 04:24

Last Modified

Vulnerability information updated

Description

Updated kernel-linus packages fix security vulnerabilities This kernel-linus update is based on upstream 5.10.56 and fixes at least the following security issues: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack (CVE-2021-34556). In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value (CVE-2021-35477). For other upstream fixes, see the referenced changelogs.

Affected Systems

mageia•kernel-linus
< 5.10.56-1.mga8

MGASA-2021-0398

Vulnerability Summary

Timeline

Description

Affected Systems

References (6)