CVE-2020-27194

An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a.

Weakness

When converting from one data type to another, such as long to integer, data can be omitted or translated in a way that produces unexpected values. If the resulting values are used in a sensitive context, then dangerous behaviors may occur.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	*	5.8.15 (excluding)
Linux	Ubuntu	esm-infra-legacy/trusty	*
Linux	Ubuntu	groovy	*
Linux	Ubuntu	precise/esm	*
Linux	Ubuntu	trusty	*
Linux	Ubuntu	trusty/esm	*
Linux	Ubuntu	upstream	*
Linux-aws	Ubuntu	esm-infra-legacy/trusty	*
Linux-aws	Ubuntu	groovy	*
Linux-aws	Ubuntu	trusty	*
Linux-aws	Ubuntu	trusty/esm	*
Linux-aws	Ubuntu	upstream	*
Linux-aws-5.0	Ubuntu	bionic	*
Linux-aws-5.0	Ubuntu	esm-infra/bionic	*
Linux-aws-5.0	Ubuntu	upstream	*
Linux-aws-5.3	Ubuntu	bionic	*
Linux-aws-5.3	Ubuntu	esm-infra/bionic	*
Linux-aws-5.3	Ubuntu	upstream	*
Linux-aws-5.4	Ubuntu	upstream	*
Linux-aws-hwe	Ubuntu	upstream	*
Linux-azure	Ubuntu	bionic	*
Linux-azure	Ubuntu	esm-infra-legacy/trusty	*
Linux-azure	Ubuntu	esm-infra/bionic	*
Linux-azure	Ubuntu	groovy	*
Linux-azure	Ubuntu	trusty	*
Linux-azure	Ubuntu	trusty/esm	*
Linux-azure	Ubuntu	upstream	*
Linux-azure-4.15	Ubuntu	upstream	*
Linux-azure-5.3	Ubuntu	bionic	*
Linux-azure-5.3	Ubuntu	esm-infra/bionic	*
Linux-azure-5.3	Ubuntu	upstream	*
Linux-azure-5.4	Ubuntu	upstream	*
Linux-azure-edge	Ubuntu	bionic	*
Linux-azure-edge	Ubuntu	esm-infra/bionic	*
Linux-azure-edge	Ubuntu	upstream	*
Linux-gcp	Ubuntu	bionic	*
Linux-gcp	Ubuntu	esm-infra/bionic	*
Linux-gcp	Ubuntu	groovy	*
Linux-gcp	Ubuntu	upstream	*
Linux-gcp-4.15	Ubuntu	upstream	*
Linux-gcp-5.3	Ubuntu	bionic	*
Linux-gcp-5.3	Ubuntu	esm-infra/bionic	*
Linux-gcp-5.3	Ubuntu	upstream	*
Linux-gcp-5.4	Ubuntu	upstream	*
Linux-gcp-edge	Ubuntu	bionic	*
Linux-gcp-edge	Ubuntu	esm-infra/bionic	*
Linux-gcp-edge	Ubuntu	upstream	*
Linux-gke-4.15	Ubuntu	upstream	*
Linux-gke-5.0	Ubuntu	upstream	*
Linux-gke-5.3	Ubuntu	upstream	*
Linux-hwe	Ubuntu	bionic	*
Linux-hwe	Ubuntu	esm-infra/bionic	*
Linux-hwe	Ubuntu	upstream	*
Linux-hwe-5.4	Ubuntu	upstream	*
Linux-hwe-edge	Ubuntu	bionic	*
Linux-hwe-edge	Ubuntu	esm-infra/bionic	*
Linux-hwe-edge	Ubuntu	esm-infra/xenial	*
Linux-hwe-edge	Ubuntu	upstream	*
Linux-hwe-edge	Ubuntu	xenial	*
Linux-kvm	Ubuntu	groovy	*
Linux-kvm	Ubuntu	upstream	*
Linux-lts-trusty	Ubuntu	precise/esm	*
Linux-lts-trusty	Ubuntu	upstream	*
Linux-lts-xenial	Ubuntu	esm-infra-legacy/trusty	*
Linux-lts-xenial	Ubuntu	trusty	*
Linux-lts-xenial	Ubuntu	trusty/esm	*
Linux-lts-xenial	Ubuntu	upstream	*
Linux-oem	Ubuntu	upstream	*
Linux-oem	Ubuntu	xenial	*
Linux-oem-5.6	Ubuntu	upstream	*
Linux-oem-osp1	Ubuntu	upstream	*
Linux-oracle	Ubuntu	groovy	*
Linux-oracle	Ubuntu	upstream	*
Linux-oracle-5.0	Ubuntu	bionic	*
Linux-oracle-5.0	Ubuntu	esm-infra/bionic	*
Linux-oracle-5.0	Ubuntu	upstream	*
Linux-oracle-5.3	Ubuntu	bionic	*
Linux-oracle-5.3	Ubuntu	esm-infra/bionic	*
Linux-oracle-5.3	Ubuntu	upstream	*
Linux-oracle-5.4	Ubuntu	upstream	*
Linux-raspi	Ubuntu	groovy	*
Linux-raspi	Ubuntu	upstream	*
Linux-raspi-5.4	Ubuntu	upstream	*
Linux-raspi2	Ubuntu	focal	*
Linux-raspi2	Ubuntu	upstream	*
Linux-raspi2-5.3	Ubuntu	upstream	*
Linux-riscv	Ubuntu	groovy	*
Linux-riscv	Ubuntu	upstream	*
Linux-snapdragon	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-27194
CWE	https://cwe.mitre.org/data/definitions/681.html

Incorrect Conversion between Numeric Types

Weakness

Affected Software

Potential Mitigations

References