High severity7.8NVD Advisory· Published Sep 20, 2021· Updated Jun 17, 2026
CVE-2021-38300
CVE-2021-38300
Description
arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Linux/Linux kerneldescription
- Range: <5.4.10
Patches
Vulnerability mechanics
References
6- www.openwall.com/lists/oss-security/2021/09/15/5nvdMailing ListPatchThird Party Advisory
- git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/nvdExploitMailing ListPatchVendor Advisory
- cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.10nvdMailing ListVendor Advisory
- lists.debian.org/debian-lts-announce/2022/03/msg00012.htmlnvdThird Party Advisory
- security.netapp.com/advisory/ntap-20211008-0003/nvdThird Party Advisory
- www.debian.org/security/2022/dsa-5096nvdThird Party Advisory
News mentions
0No linked articles in our index yet.