CVE-2019-7308

Summary: 
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.
Published: 
Friday, February 1, 2019 - 17:29
cvss: