Linux Kernel eBPF Memory Leak Vulnerability in Simulated Networking Device Driver

Linux Kernel eBPF Memory Leak Vulnerability in Simulated Networking Device Driver

CVE-2021-4135 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

A memory leak vulnerability was found in the Linux kernel's eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.