CVE-2021-34556

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-34556

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-34556.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-34556

Aliases

A-196011539
PUB-A-196011539

Downstream

DEBIAN-CVE-2021-34556

DLA-2785-1

OESA-2021-1324

SUSE-SU-2021:3177-1

SUSE-SU-2021:3178-1

SUSE-SU-2021:3179-1

SUSE-SU-2021:3205-1

SUSE-SU-2021:3205-2

SUSE-SU-2021:3206-1

SUSE-SU-2021:3207-1

SUSE-SU-2021:3217-1

SUSE-SU-2021:3415-1

SUSE-SU-2021:3723-1

SUSE-SU-2021:3748-1

SUSE-SU-2021:3876-1

SUSE-SU-2021:3929-1

SUSE-SU-2021:3935-1

SUSE-SU-2021:3969-1

SUSE-SU-2021:3972-1

SUSE-SU-2025:0229-1

UBUNTU-CVE-2021-34556

USN-5092-1

USN-5092-2

USN-5096-1

USN-5115-1

USN-5137-1

USN-5137-2

openSUSE-SU-2021:1271-1

openSUSE-SU-2021:1477-1

openSUSE-SU-2021:3179-1

openSUSE-SU-2021:3205-1

openSUSE-SU-2021:3876-1

Related

Published

2021-08-02T05:15:07Z

Modified

2025-08-09T20:01:27Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.

References

Affected packages