Lucene search
K

262 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-56786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: put bpflink's program when link is safe to be deallocated In general, BPF link's...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-49888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix a sdiv overflow issue Zac Ecob reported a problem where a bpf program may cause kernel crash due to the following error: Oops: divide error: 0000 1...

5.5CVSS6.7AI score0.00234EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-49861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to...

7.1CVSS6.8AI score0.00222EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-56675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use...

7.8CVSS6AI score0.00224EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-49697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a...

5.5CVSS6AI score0.00265EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-52828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Detect IP == ksym.end as part of BPF program Now that bpfthrow kfunc is the first such call instruction that has noreturn semantics within the verifier, th...

6.6CVSS6.3AI score0.00246EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-38662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint...

4.7CVSS6.3AI score0.0022EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2021-33624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF...

4.7CVSS6.8AI score0.00922EPSS
Exploits3References3
SUSE CVE
SUSE CVE
added 2025/02/28 2:21 a.m.3 views

SUSE CVE-2025-21728

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

5.5CVSS7.8AI score0.00182EPSS
Exploits0References14
OSV
OSV
added 2025/02/27 2:7 a.m.9 views

CVE-2025-21728 bpf: Send signals asynchronously if !preemptible

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

5.5CVSS6.1AI score0.00182EPSS
Exploits0References13
NVD
NVD
added 2025/02/26 7:1 a.m.12 views

CVE-2022-49697

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was doing a socket lookup with takes a refcnt on the socket and that it was findin...

5.5CVSS0.00265EPSS
Exploits0References5
OSV
OSV
added 2025/02/26 2:24 a.m.8 views

CVE-2022-49697 bpf: Fix request_sock leak in sk lookup helpers

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was doing a socket lookup with takes a refcnt on the socket and that it was findin...

5.5CVSS5.4AI score0.00265EPSS
Exploits0References8
CVE
CVE
added 2025/02/26 2:24 a.m.126 views

CVE-2022-49697

CVE-2022-49697 concerns a leak in the Linux kernel caused by a BPF lookup path that could leak a request_sock. The issue occurs when a BPF program performs a socket lookup that takes a refcnt on the socket and, after locating the child request_socket, returns the parent LISTEN socket via sk_to_fu...

5.5CVSS5.4AI score0.00265EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2025/02/26 2:24 a.m.8 views

CVE-2022-49697

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix requestsock leak in sk lookup helpers A customer reported a requestsocket leak in a Calico cloud environment. We found that a BPF program was doing a socket lookup with takes a refcnt on the socket and that it was findin...

5.5CVSS5.4AI score0.00265EPSS
Exploits0
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf,perf: Fixed an invalid progarray access in perfeventdetachbpfprog Syzbot reported a crash that occurs in the following tracing scenario: - Create a tracepoint with attr.inherit=1, attach it to the process, and set the BPF...

5.5CVSS6.2AI score0.00214EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a UAF Use-after-Allocation issue by correcting mismatching between the bpfprog/attachment and tasks-trace-RCU flavors. Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. However, it is possible ...

7.8CVSS6.2AI score0.00224EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remapping EPERM in case of connection failure in xstcpsetupsocket. When using a BPF program on kernelconnect, the call may return -EPERM. This causes xstcpsetupsocket to loop indefinitely, filling up the syslog and...

5.5CVSS6.1AI score0.00231EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Consider the return from setmemoryro when using bpfproglockro setmemoryro may fail, leaving memory unprotected. Consider this return value as an error...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.16 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-42246)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42246 advisory. - In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remap EPERM in case of...

5.5CVSS6.1AI score0.00231EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/01/10 12:21 a.m.3 views

SUSE CVE-2024-56665

In the Linux kernel, the following vulnerability has been resolved: bpf,perf: Fix invalid progarray access in perfeventdetachbpfprog Syzbot reported 1 crash that happens for following tracing scenario: - create tracepoint perf event with attr.inherit=1, attach it to the process and set bpf progra...

5.5CVSS7.7AI score0.00214EPSS
Exploits0References13
Rows per page
Query Builder