linux-aws:groovy is vulnerable to denial of service. eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=4b81ccebaeee885ab1aa1438133f2991e3a2b6ea
git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2021-3489
security.netapp.com/advisory/ntap-20210716-0004/
ubuntu.com/security/notices/USN-4949-1
ubuntu.com/security/notices/USN-4950-1
www.openwall.com/lists/oss-security/2021/05/11/10
www.zerodayinitiative.com/advisories/ZDI-21-590/