Vulnerability CVE-2021-33624

Vulnerability Name:

CVE-2021-33624 (CCN-204087)

Assigned:

2021-06-21

Published:

2021-06-21

Updated:

2021-11-12

Summary:

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.

CVSS v3 Severity:

4.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.7 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-203

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2021-33624

Source: CONFIRM
Type: Mailing List, Exploit, Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/06/21/1

Source: XF
Type: UNKNOWN
linux-kernel-cve202133624-info-disc(204087)

Source: CCN
Type: Linux Kernel GIT Repository
bpf: Inherit expanded/patched seen count from old aux data

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/torvalds/linux/commit/9183671af6dbf60a1219371d4ed73e23f43b49db

Source: MLIST
Type: Issue Tracking, Third Party Advisory
[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update

Source: CCN
Type: oss-sec Mailing List, Wed, 09 Jun 2021 23:11:00 +0200
[CVE-2021-33624] Linux kernel BPF protection against speculative execution attacks can be bypassed to read arbitrary kernel memory

Source: MISC
Type: Third Party Advisory
https://www.usenix.org/conference/usenixsecurity21/presentation/kirzner

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-33624

Vulnerable Configuration:

Configuration 1:

cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* (Version < 5.12.13)

Configuration 2:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:linux:linux_kernel:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8029	P	kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:7583	P	libcolord2-1.4.5-150400.4.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8090	P	reiserfs-kmp-default-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7706	P	libyaml-cpp0_6-0.6.3-150400.4.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7539	P	kernel-64kb-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7568	P	libXtst-devel-1.2.3-1.24 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:741	P	Security update for gdk-pixbuf (Important)	2022-09-07
oval:org.opensuse.security:def:6102	P	Security update for gpg2 (Important)	2022-07-22
oval:org.opensuse.security:def:3642	P	Security update for java-11-openjdk (Important) (in QA)	2022-07-22
oval:org.opensuse.security:def:6093	P	Security update for pcre (Important)	2022-07-08
oval:org.opensuse.security:def:6090	P	Security update for openssl-1_1 (Important)	2022-07-06
oval:org.opensuse.security:def:3448	P	busybox-1.21.1-3.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3453	P	clamav-0.101.3-1.19 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3456	P	coreutils-8.25-13.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3567	P	libXtst6-1.2.2-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3398	P	wpa_supplicant-2.6-15.10.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94903	P	gd-2.2.5-11.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95078	P	reiserfs-kmp-default-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95083	P	kernel-azure-5.14.21-150400.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94590	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2960	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94568	P	gptfdisk-1.0.8-150400.1.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95197	P	kernel-default-extra-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95028	P	kernel-docs-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95320	P	Security update for cups (Important)	2022-05-26
oval:org.opensuse.security:def:95317	P	Security update for openldap2 (Important)	2022-05-16
oval:org.opensuse.security:def:102030	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important)	2022-03-29
oval:org.opensuse.security:def:102033	P	Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP3) (Important)	2022-03-29
oval:org.opensuse.security:def:101616	P	Security update for python39 (Moderate) (in QA)	2022-03-28
oval:org.opensuse.security:def:99504	P	(Moderate)	2022-03-24
oval:org.opensuse.security:def:99703	P	(Moderate)	2021-12-06
oval:org.opensuse.security:def:100012	P	(Moderate)	2021-11-09
oval:org.opensuse.security:def:4494	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2021-10-12
oval:org.opensuse.security:def:93104	P	(Important)	2021-09-03
oval:org.opensuse.security:def:101281	P	libtidy-devel-5.4.0-3.2.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:9555	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:67778	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:125572	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:8323	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:6932	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:92355	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:102290	P	Security update for crmsh (Moderate)	2021-07-21
oval:org.opensuse.security:def:70445	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:89165	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:8807	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:67191	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:105115	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:51927	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:91879	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:69695	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:98918	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:33687	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:9754	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:68021	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:126741	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:19566	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:92554	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:89423	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:9002	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:125098	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:109337	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:93257	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:59510	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:91968	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:69894	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:99113	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:33945	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:10119	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:88159	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:127138	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:118428	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:92753	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:68795	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:98425	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:23939	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:9365	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:95958	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:125285	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:8256	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:6689	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:59768	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:92163	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:70259	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:99305	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:10305	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:88473	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:20278	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:8621	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:92951	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:102671	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:111634	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:76259	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:91460	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:69505	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:98829	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:101902	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:99659	P	(Important)	2021-07-15
oval:org.opensuse.security:def:101472	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:64731	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:102288	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:99973	P	(Important)	2021-07-15
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:1770	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:101790	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:6474	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:4563	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:74720	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:102322	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:8386	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:100309	P	(Important)	2021-07-15
oval:org.opensuse.security:def:7251	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:111622	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:76250	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:70825	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:67563	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:101872	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:65652	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:99396	P	(Important)	2021-07-15
oval:org.opensuse.security:def:68340	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:67182	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:100637	P	(Important)	2021-07-15
oval:org.opensuse.security:def:73853	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:26088	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:96173	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:109648	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:117980	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:60306	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:4277	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:5772	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:75929	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:42101	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:34484	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:10648	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:20461	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:95678	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:119788	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:102863	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:117462	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:6450	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:74651	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:96310	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:8363	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:66861	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:108699	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:7112	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:60307	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:102391	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:4436	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:70788	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:42102	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:35259	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:21837	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:67539	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:65583	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:102982	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:117796	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:107947	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:68201	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:19609	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:108956	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:61082	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:4725	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:73667	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:109529	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:117879	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:108282	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:34483	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:95577	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:118625	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:109057	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:64545	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:5075	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:66858	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:108696	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:68657	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:1545	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:109279	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:118365	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:111618	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:76247	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:68672	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:95900	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:67179	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:102613	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:5769	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:75926	P	Security update for the Linux Kernel (Important)	2021-07-13
oval:org.opensuse.security:def:111479	P	Security update for the Linux Kernel (Important)	2021-07-08

BACK