Integer Overflow and Out-of-Bounds Write in Linux Kernel's BPF Hash Table Handling

Integer Overflow and Out-of-Bounds Write in Linux Kernel's BPF Hash Table Handling

CVE-2021-38166 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.