vulnerability
Ubuntu: (Multiple Advisories) (CVE-2021-33200): Linux kernel (OEM) vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | May 27, 2021 | Jun 4, 2021 | Aug 18, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
May 27, 2021
Added
Jun 4, 2021
Modified
Aug 18, 2025
Description
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.
Solutions
ubuntu-upgrade-linux-image-4-15-0-1078-oracleubuntu-upgrade-linux-image-4-15-0-1092-raspi2ubuntu-upgrade-linux-image-4-15-0-1097-kvmubuntu-upgrade-linux-image-4-15-0-1106-gcpubuntu-upgrade-linux-image-4-15-0-1109-awsubuntu-upgrade-linux-image-4-15-0-1109-snapdragonubuntu-upgrade-linux-image-4-15-0-1121-azureubuntu-upgrade-linux-image-4-15-0-151-genericubuntu-upgrade-linux-image-4-15-0-151-generic-lpaeubuntu-upgrade-linux-image-4-15-0-151-lowlatencyubuntu-upgrade-linux-image-5-10-0-1029-oemubuntu-upgrade-linux-image-5-11-0-1009-azureubuntu-upgrade-linux-image-5-11-0-1009-kvmubuntu-upgrade-linux-image-5-11-0-1010-oracleubuntu-upgrade-linux-image-5-11-0-1011-awsubuntu-upgrade-linux-image-5-11-0-1011-gcpubuntu-upgrade-linux-image-5-11-0-1012-raspiubuntu-upgrade-linux-image-5-11-0-1012-raspi-nolpaeubuntu-upgrade-linux-image-5-11-0-22-genericubuntu-upgrade-linux-image-5-11-0-22-generic-64kubuntu-upgrade-linux-image-5-11-0-22-generic-lpaeubuntu-upgrade-linux-image-5-11-0-22-lowlatencyubuntu-upgrade-linux-image-5-4-0-1018-gkeopubuntu-upgrade-linux-image-5-4-0-1038-raspiubuntu-upgrade-linux-image-5-4-0-1041-kvmubuntu-upgrade-linux-image-5-4-0-1046-gcpubuntu-upgrade-linux-image-5-4-0-1046-gkeubuntu-upgrade-linux-image-5-4-0-1048-oracleubuntu-upgrade-linux-image-5-4-0-1051-awsubuntu-upgrade-linux-image-5-4-0-1051-azureubuntu-upgrade-linux-image-5-4-0-77-genericubuntu-upgrade-linux-image-5-4-0-77-generic-lpaeubuntu-upgrade-linux-image-5-4-0-77-lowlatencyubuntu-upgrade-linux-image-5-8-0-1029-raspiubuntu-upgrade-linux-image-5-8-0-1029-raspi-nolpaeubuntu-upgrade-linux-image-5-8-0-1030-kvmubuntu-upgrade-linux-image-5-8-0-1033-oracleubuntu-upgrade-linux-image-5-8-0-1035-gcpubuntu-upgrade-linux-image-5-8-0-1036-azureubuntu-upgrade-linux-image-5-8-0-1038-awsubuntu-upgrade-linux-image-5-8-0-59-genericubuntu-upgrade-linux-image-5-8-0-59-generic-64kubuntu-upgrade-linux-image-5-8-0-59-generic-lpaeubuntu-upgrade-linux-image-5-8-0-59-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-hweubuntu-upgrade-linux-image-aws-lts-18-04ubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-lts-18-04ubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-lts-18-04ubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-18-04ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-4ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-4ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-lts-18-04ubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragonubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-16-04ubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-20-04
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.