Lucene search
K

261 matches found

EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38942

In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...

5.7AI score0.00164EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.7 views

CVE-2026-53074

Summary of CVE-2026-53074 (Linux kernel) : The issue occurs in the bpf_prog_test_run_skb() path where the code may access ip_hdr(skb) or ipv6_hdr(skb) for IPv4/IPv6 inputs even when only an Ethernet header is present. If the Ethernet frame carries an IPv4/IPv6 EtherType but the Layer 3 header is ...

5.7AI score0.00164EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: BPF: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly ensures that indirect function calls use a function pointer type that matches the target function. I encountered the following type...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/19 2:43 p.m.11 views

EUVD-2026-38034

In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF prog and replaces it with a new one while another thread is sending a U...

5.7AI score0.00102EPSS
Exploits0References8
CVE
CVE
added 2026/06/19 2:43 p.m.22 views

CVE-2026-52910

The CVE-2026-52910 issue is in the Linux kernel where a cBPF reuseport program may be freed immediately when detached from a reuseport group, without waiting for an RCU grace period. This can lead to a use-after-free and potential memory corruption when a concurrent UDP send crosses the fast path...

7.8CVSS5.7AI score0.00102EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fix tailcallreachable rejection for interpreter when jit failed During testing of f263a81451c1 “bpf: Track subprog poke descriptors correctly and fix use-after-free” under various failure conditions, for example, when...

5.5CVSS6.1AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Consider the return from setmemoryro when using bpfproglockro setmemoryro may fail, leaving memory unprotected. Consider this return value as an error...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Detecting IP == ksym.end as part of the BPF program Now, since bpfthrow is the first call instruction with noreturn semantics within the verifier, this also leads to the elimination of dead code in unprecedented ways. For...

6.6CVSS5.5AI score0.00248EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32255

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

5.8AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-45971

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

5.5CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.39 views

CVE-2026-45971 bpf: Limit bpf program signature size

In the Linux kernel, the following vulnerability has been resolved: bpf: Limit bpf program signature size Practical BPF signatures are significantly smaller than KMALLOCMAXCACHESIZE Allowing larger sizes opens the door for abuse by passing excessive size values and forcing the kernel into expensi...

0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 11:16 a.m.19 views

CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

7.8CVSS0.0012EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43834

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The map direct value addr function of the instruction array map incorrectly adds an offset to the resulting address. This occurs because the resolve pseudo ldimm64 function subsequently...

5.5CVSS5.2AI score0.00107EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.19 views

PT-2026-43673

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the bpf core parse spec function fails to reject negative CO-RE Compile Once - Run Everywhere accessor indices. CO-RE accessor strings use...

9.8CVSS6AI score0.03663EPSS
Exploits15References285
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013208 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Cali...

5.5CVSS6.2AI score0.00259EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 4:14 p.m.4 views

CVE-2026-23383

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler on arm64 architectures. The BPF JIT allocator incorrectly requests a 4-byte alignment for its buffer, while a critical target field within the bpfplt structure requires 8-byte alignment. This misalignment...

7CVSS6AI score0.00129EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/22 12:24 a.m.7 views

SUSE CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

5.3CVSS5.7AI score0.00096EPSS
Exploits0References23
EUVD
EUVD
added 2026/03/20 9:32 a.m.4 views

EUVD-2026-13605

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

5.6AI score0.00096EPSS
Exploits0References5
NVD
NVD
added 2026/03/20 9:16 a.m.5 views

CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

7.8CVSS0.00096EPSS
Exploits0References6
OSV
OSV
added 2026/03/20 9:16 a.m.5 views

UBUNTU-CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

7.8CVSS5.7AI score0.00096EPSS
Exploits0References6
Rows per page
Query Builder