UBUNTU-CVE-2021-29154

Description

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• ubuntu•linux

  all | < 4.4.0-209.241 | < 4.15.0-142.146 | < 5.4.0-72.80

• ubuntu•linux-aws

  < 4.4.0-1091.95 | < 4.4.0-1127.141 | < 4.15.0-1099.106 | < 5.4.0-1045.47

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-5.3

  all

• ubuntu•linux-aws-5.4

  < 5.4.0-1045.47~18.04.1

• ubuntu•linux-aws-fips

  < 4.15.0-2042.44 | all | < 5.4.0-1069.73+fips2

• ubuntu•linux-aws-hwe

  < 4.15.0-1099.106~16.04.1

• ubuntu•linux-azure

  < 4.15.0-1113.126~14.04.1 | < 4.15.0-1113.126~16.04.1 | all | < 5.4.0-1046.48

• ubuntu•linux-azure-4.15

  < 4.15.0-1113.126

• ubuntu•linux-azure-5.3

  all

• ubuntu•linux-azure-5.4

  < 5.4.0-1046.48~18.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fips

  < 4.15.0-2025.28 | all | < 5.4.0-1073.76+fips1

• ubuntu•linux-bluefield

  all

• ubuntu•linux-dell300x

  < 4.15.0-1017.21

• ubuntu•linux-fips

  < 4.4.0-1061.67 | all | < 4.15.0-1058.66

• ubuntu•linux-gcp

  < 4.15.0-1098.111~16.04.1 | all | < 5.4.0-1042.45

• ubuntu•linux-gcp-4.15

  < 4.15.0-1098.111

• ubuntu•linux-gcp-5.3

  all

• ubuntu•linux-gcp-5.4

  < 5.4.0-1042.45~18.04.1

• ubuntu•linux-gcp-edge

  all

• ubuntu•linux-gcp-fips

  all | < 5.4.0-1067.71~20.04.1

• ubuntu•linux-gke

  < 5.4.0-1042.44

• ubuntu•linux-gke-4.15

  all

• ubuntu•linux-gke-5.3

  < 5.3.0-1042.45

• ubuntu•linux-gke-5.4

  < 5.4.0-1042.44~18.04.1

• ubuntu•linux-gkeop

  < 5.4.0-1014.15

• ubuntu•linux-gkeop-5.4

  < 5.4.0-1014.15~18.04.1

• ubuntu•linux-hwe

  < 4.15.0-142.146~16.04.1 | < 5.3.0-73.69

• ubuntu•linux-hwe-5.4

  < 5.4.0-72.80~18.04.1

• ubuntu•linux-hwe-5.8

  < 5.8.0-50.56~20.04.1

• ubuntu•linux-hwe-edge

  all | all

• ubuntu•linux-intel-iot-realtime

  all

• ubuntu•linux-kvm

  < 4.4.0-1092.101 | < 4.15.0-1090.92 | < 5.4.0-1038.39

• ubuntu•linux-lts-xenial

  < 4.4.0-209.241~14.04.1

• ubuntu•linux-nvidia

  all

• ubuntu•linux-oem

  all

• ubuntu•linux-oem-5.10

  < 5.10.0-1022.23

• ubuntu•linux-oem-5.6

  < 5.6.0-1053.57

• ubuntu•linux-oracle

  < 4.15.0-1070.78~16.04.1 | < 4.15.0-1070.78 | < 5.4.0-1043.46

• ubuntu•linux-oracle-5.0

  all

• ubuntu•linux-oracle-5.3

  all

• ubuntu•linux-oracle-5.4

  < 5.4.0-1043.46~18.04.1

• ubuntu•linux-raspi

  < 5.4.0-1034.37

• ubuntu•linux-raspi-5.4

  < 5.4.0-1034.37~18.04.1

• ubuntu•linux-raspi-realtime

  all

• ubuntu•linux-raspi2

  < 4.4.0-1151.162 | < 4.15.0-1084.89 | all

• ubuntu•linux-raspi2-5.3

  < 5.3.0-1039.41

• ubuntu•linux-realtime

  all

• ubuntu•linux-riscv

  all

Showing first 50 affected entries in server-rendered view.

References (8)

• https://ubuntu.com/security/CVE-2021-29154
• https://www.openwall.com/lists/oss-security/2021/04/08/1
• https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=e4d4d456436bfb2fe412ee2cd489f7658449b098
• https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=26f55a59dc65ff77cd1c4b37991e26497fc68049
• https://ubuntu.com/security/notices/USN-4912-1
• https://ubuntu.com/security/notices/USN-4916-1
• https://ubuntu.com/security/notices/USN-4917-1
• https://www.cve.org/CVERecord?id=CVE-2021-29154