In _bpfringbuf_reserve of ringbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "length": 855.0, "function_hash": "183729967604640829626352513401008393136" }, "id": "PUB-A-190877279-be596cc4", "source": "https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/ringbuf.c", "function": "__bpf_ringbuf_reserve" }, "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "192741236581112911028087146785749077645", "178244520072335451936189270906947903571", "301616955728519727737405711715100561842", "263076874577890106306520638709279565582" ] }, "id": "PUB-A-190877279-e9dc1edb", "source": "https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea", "deprecated": false, "signature_version": "v1", "target": { "file": "kernel/bpf/ringbuf.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/kernel/common/+/4b81ccebaeee885ab1aa1438133f2991e3a2b6ea" ], "spl": "2021-10-05", "severity": "Moderate", "types": [ "EoP" ] }