Race Condition in Linux Kernel's ebpf Verifier Allows Unauthorized Modification of Frozen Mapped Address Space

Race Condition in Linux Kernel's ebpf Verifier Allows Unauthorized Modification of Frozen Mapped Address Space

CVE-2021-4001 · MEDIUM Severity

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N

A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.