CVE-2021-38300

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-38300
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-38300.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-38300
Downstream
Published
2021-09-20T06:15:06Z
Modified
2025-08-09T19:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

References

Affected packages