Severity
Medium
Analysis Summary
CVE-2020-27171
Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a numeric error when restricting speculative pointer arithmetic. By executing specially-crafted BPF programs, an attacker could exploit this vulnerability to obtain contents of kernel memory, and use this information to launch further attacks against the affected system.
Impact
Information disclosure
Affected Vendors
Linux
Affected Products
Linux Kernel
Remediation
Refer to Linux Kernel GIT Repository for patch, upgrade or suggested workaround information.