Description: eBPF 32-bit source register truncation on div/mod
References:
 https://www.openwall.com/lists/oss-security/2021/06/23/1
Notes:
 carnil> Introduced by 68fda450a7df ("bpf: fix 32-bit divide by zero")
 carnil> in 4.15-rc9 (and was backported to 4.9.79). Though the specific
 carnil> attack will not work on v4.9.y as pointer arithmetic is
 carnil> prohibited on those kernels.
 bwh> For 4.9, commits f6b1b3bf0d5f "bpf: fix subprog verifier bypass by
 bwh> div/mod by 0 exception" and d405c7407a54 "bpf: allocate 0x06 to new
 bwh> eBPF instruction class JMP32" etc. need to be applied first.
Bugs:
upstream: released (5.11) [e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90]
5.10-upstream-stable: released (5.10.16) [1d16cc210fabd0a7ebf52d3025f81c2bde054a90]
4.19-upstream-stable: released (4.19.206) [1d16cc210fabd0a7ebf52d3025f81c2bde054a90]
4.9-upstream-stable: needed
sid: released (5.10.19-1)
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: released (4.19.208-1)
4.9-stretch-security: ignored "EOL"