vulnerability

Huawei EulerOS: CVE-2021-34556: kernel security update

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Aug 2, 2021
Added
Feb 24, 2022
Modified
Feb 24, 2022

Description

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.

Solution(s)

huawei-euleros-2_0_sp8-upgrade-bpftoolhuawei-euleros-2_0_sp8-upgrade-kernelhuawei-euleros-2_0_sp8-upgrade-kernel-develhuawei-euleros-2_0_sp8-upgrade-kernel-headershuawei-euleros-2_0_sp8-upgrade-kernel-toolshuawei-euleros-2_0_sp8-upgrade-kernel-tools-libshuawei-euleros-2_0_sp8-upgrade-perfhuawei-euleros-2_0_sp8-upgrade-python-perfhuawei-euleros-2_0_sp8-upgrade-python3-perf
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.