An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27170
Reference (s):
- FEDORA:FEDORA-2021-9503fffad9
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/
- FEDORA:FEDORA-2021-e49da8a226
- URL: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/
- FEDORA:FEDORA-2021-f0181b8085