An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. CREATE(Triage):(User=admin) [CVE-2020-27170|https://nvd.nist.gov/vuln/detail/CVE-2020-27170]
