CVE-2021-35477

Description

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.

References

Link	Tags
https://www.openwall.com/lists/oss-security/2021/08/01/3	third party advisory mailing list
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=f5e81d1117501546b7be050c5fbafa6efd2c722c	patch vendor advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=2039f26f3aca5b0e419b98f65dd36481337b86ee	patch vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JKK6XNRZX5BT5QVYOKGVJ2BHFZAP5EX/	vendor advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/565ZS55ZFEN62WVRRORT7R63RXW5F4T4/	vendor advisory
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html	third party advisory mailing list

Frequently Asked Questions

What is the severity of CVE-2021-35477?: CVE-2021-35477 has been scored as a medium severity vulnerability.
How to fix CVE-2021-35477?: To fix CVE-2021-35477, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-35477 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-35477 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-203 – Observable Discrepancy

References

Frequently Asked Questions