It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.

Related CVEs

CVE-2021-3600

Key Information

GHSA ID

GHSA-769h-g9v6-cwg7

Published

January 8, 2024 9:30 PM

Last Modified

January 8, 2024 9:30 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 21, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.