vulnerability

Debian: CVE-2021-38300: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Sep 20, 2021	Mar 10, 2022	Aug 17, 2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Sep 20, 2021

Added

Mar 10, 2022

Modified

Aug 17, 2022

Description

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

Solution

debian-upgrade-linux

References

CVE-2021-38300
https://attackerkb.com/topics/CVE-2021-38300
DEBIAN-DLA-2941-1
DEBIAN-DSA-5096
DEBIAN-DSA-5096-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today