vulnerability

Ubuntu: (CVE-2021-38300): linux-hwe-5.13 vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Sep 20, 2021	Nov 19, 2024	Sep 1, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Sep 20, 2021

Added

Nov 19, 2024

Modified

Sep 1, 2025

Description

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

Solutions

ubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcp-fipsubuntu-upgrade-linux-hwe-5-13

References

CVE-2021-38300
https://attackerkb.com/topics/CVE-2021-38300
DEBIAN-DSA-5096
URL-https://lore.kernel.org/bpf/[email protected]/
URL-https://www.cve.org/CVERecord?id=CVE-2021-38300
URL-https://www.openwall.com/lists/oss-security/2021/09/15/5

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today