CVE-2021-29648: 
CBL Mariner vulnerability analysis and mitigation

CVE-2021-29648 is a vulnerability discovered in the Linux kernel before version 5.11.11. The issue exists in the BPF subsystem where it does not properly consider that resolvedids and resolvedsizes are intentionally uninitialized in the vmlinux BPF Type Format (BTF), which can cause a system crash upon an unexpected access attempt in mapcreate in kernel/bpf/syscall.c or checkbtf_info in kernel/bpf/verifier.c. The vulnerability was discovered on March 30, 2021 (Debian Tracker, NVD).

The vulnerability stems from the BPF subsystem's handling of vmlinux BTF (BPF Type Format). When a file descriptor of vmlinux BTF is passed into mapcreate, it causes a crash in btftypeidsize() when attempting to access resolvedids. This occurs because the vmlinux BTF intentionally leaves 'resolvedids' and 'resolvedsizes' uninitialized to save memory. The issue was fixed by preventing the use of vmlinux BTF in progload and map_create commands (Kernel Commit).

The vulnerability can lead to a Denial of Service (DoS) condition through system crashes when an unexpected access attempt is made to the uninitialized BTF structures. This affects systems running Linux kernel versions prior to 5.11.11 (Rapid7).

The vulnerability was fixed in Linux kernel version 5.11.11 by adding checks to prevent the use of vmlinux BTF in progload and mapcreate commands. Users should upgrade their Linux kernel to version 5.11.11 or later to address this vulnerability. Various Linux distributions have also released security updates to patch this issue (Fedora Update).