Description: eBPF Improper Input Validation Vulnerability
References:
 https://www.openwall.com/lists/oss-security/2022/01/11/4
 https://www.openwall.com/lists/oss-security/2022/06/04/2
 https://github.com/tr3ee/CVE-2021-4204
Notes:
 carnil> Similar issue with CVE-2021-34866.
 carnil> To be checked, fixed as well with the refactoring in
 carnil> c25b2ae13603 ("bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX
 carnil> | PTR_MAYBE_NULL")?
 carnil> Introduced after 457f44363a88 ("bpf: Implement BPF ring buffer
 carnil> and verifier support for it") in 5.8-rc1.
 carnil> Fixed as well in 5.15.17 for 5.15.y.
 carnil> The main fix seems to be 64620e0a1e71 ("bpf: Fix out of bounds
 carnil> access for ringbuf helpers") but has pre-requisite work done.
Bugs:
upstream: released (5.17-rc1) [be80a1d3f9dbe5aee79a325964f7037fe2d92f30, d400a6cf1c8a57cdf10f35220ead3284320d85ff, 6788ab23508bddb0a9d88e104284922cb2c22b77, 64620e0a1e712a778095bd35cbb277dc2259281f, a672b2e36a648afb04ad3bda93b6bda947a479a5, 722e4db3ae0d52b2e3801280afbe19cf2d188e91, 37c8d4807d1b8b521b30310dce97f6695dc2c2c6]
6.1-upstream-stable: N/A "Fixed before branch point"
5.10-upstream-stable: needed
4.19-upstream-stable: N/A "Vulnerable code introduced later"
4.9-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (5.17.3-1)
6.1-bookworm-security: N/A "Fixed before branch point"
5.10-bullseye-security: needed
4.19-buster-security: N/A "Vulnerable code introduced later"
4.9-stretch-security: N/A "Vulnerable code introduced later"