CVE-2021-20320: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2021-20320) was discovered in the Linux kernel's s390 eBPF JIT implementation, specifically in the bpf_jit_insn function within arch/s390/net/bpf_jit_comp.c. The vulnerability was disclosed on February 18, 2022, affecting various Linux distributions including Ubuntu, SUSE, and Debian (NVD, Ubuntu).

The vulnerability involves three miscompilation issues in the s390 eBPF JIT. Two of these issues affect the initial s390x eBPF JIT compiler backend implementation (v4.1+), while one issue affects versions v5.5+. The flaw allows a local attacker with special user privileges to circumvent the verifier, potentially leading to security implications. The vulnerability has been assigned a CVSS v3 severity score of 5.5 (Medium) (Ubuntu, RedHat).

The vulnerability can lead to confidentiality problems and potentially allow an unprivileged local user to circumvent the verifier and gain root privileges (RedHat).

The vulnerability has been fixed in various Linux distributions. Ubuntu has released fixes for multiple versions: 5.4.0-86.97 for 20.04 LTS, 4.15.0-158.166 for 18.04 LTS, and 4.4.0-216.249 for 16.04 LTS. The issue was also addressed in Fedora with the 5.14.7 stable kernel update (Ubuntu, RedHat).