CVE-2021-38300
Summary
| CVE | CVE-2021-38300 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-09-20 06:15:00 UTC |
| Updated | 2023-03-01 20:15:00 UTC |
| Description | arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Application | Netapp | Cloud Backup | - | All | All | All |
| Hardware | Netapp | H300e | - | All | All | All |
| Operating System | Netapp | H300e Firmware | - | All | All | All |
| Hardware | Netapp | H300s | - | All | All | All |
| Operating System | Netapp | H300s Firmware | - | All | All | All |
| Hardware | Netapp | H410c | - | All | All | All |
| Operating System | Netapp | H410c Firmware | - | All | All | All |
| Hardware | Netapp | H410s | - | All | All | All |
| Operating System | Netapp | H410s Firmware | - | All | All | All |
| Hardware | Netapp | H500e | - | All | All | All |
| Operating System | Netapp | H500e Firmware | - | All | All | All |
| Hardware | Netapp | H500s | - | All | All | All |
| Operating System | Netapp | H500s Firmware | - | All | All | All |
| Hardware | Netapp | H700e | - | All | All | All |
| Operating System | Netapp | H700e Firmware | - | All | All | All |
| Hardware | Netapp | H700s | - | All | All | All |
| Operating System | Netapp | H700s Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2021-38300 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| [SECURITY] [DLA 2941-1] linux-4.19 security update | MLIST | lists.debian.org | |
| oss-security - [CVE-2021-38300] Linux kernel cBPF JIT compiler for MIPS emits incorrect branches leading to execution of arbitrary Kernel code | MISC | www.openwall.com | |
| kernel/git/torvalds/linux.git - Linux kernel source tree | CONFIRM | git.kernel.org | |
| cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.10 | CONFIRM | cdn.kernel.org | |
| Debian -- Security Information -- DSA-5096-1 linux | DEBIAN | www.debian.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 179117 Debian Security Update for linux (DSA 5096-1)
- 179119 Debian Security Update for linux-4.19 (DLA 2941-1)
- 180086 Debian Security Update for linux (CVE-2021-38300)
- 352869 Amazon Linux Security Advisory for kernel: ALAS2-2021-1719
- 356241 Amazon Linux Security Advisory for microvm-kernel : ALASMICROVM-KERNEL-4.14-2023-001
- 671225 EulerOS Security Update for kernel (EulerOS-SA-2022-1010)
- 671304 EulerOS Security Update for kernel (EulerOS-SA-2022-1208)
- 671817 EulerOS Security Update for kernel (EulerOS-SA-2022-1868)
- 900370 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (5901)
- 901017 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (6594-1)
- 905928 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (5901-1)