DEBIAN-CVE-2022-50167

In the Linux kernel, the following vulnerability has been resolved: bpf: fix potential 32-bit overflow when accessing ARRAY map element If BPF array map is bigger than 4GB, element pointer calculation can overflow because both index and elemsize are u32. Fix this everywhere by forcing 64-bit...

UBUNTU-CVE-2022-49975

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...

CVE-2022-49975 bpf: Don't redirect packets with invalid pkt_len

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop a flow whitout any skbs, that is, the flow-head is null. The root cause, as the 2 says, is because that bpfprogtestrunskb run a bpf...

CVE-2025-38012

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g. bpfforeach macro ignores error returns from new. bpfiterscxdsqnew cou...

PT-2025-25901

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been identified in the Linux kernel where the bpf prog test run skb function runs a bpf program that redirects empty skbs, causing the fq codel drop function to attem...

DEBIAN-CVE-2025-37948

In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...

CVE-2025-37948

CVE-2025-37948 affects the Linux kernel arm64 and is fixed by adding a BHB mitigation in the epilogue of BPF programs (cBPF) loaded via seccomp. The vulnerability arises when a classic cBPF program manipulates the branch history to influence speculative execution. The published details indicate t...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21922)

"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21922 advisory. - In the Linux kernel, the following vulnerability has been resolved: ppp: Fix KMSAN uninit-value warning wit...

AZL-69929 CVE-2024-58100 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changespktdata property of the...

CVE-2024-58100

CVE-2024-58100 concerns the Linux kernel BPF verifier and how it handles the changes_pkt_data property for extension/global programs. The available details describe a commit that: adds a changes_pkt_data flag to struct bpf_prog_aux, sets this flag for the main sub-program in check_cfg() and for o...

CVE-2022-49764

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

AZL-69716 CVE-2022-49764 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

CVE-2022-49840 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()

In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix alignment problem in bpfprogtestrunskb We got a syzkaller problem because of aarch64 alignment fault if KFENCE enabled. When the size from user bpf program is an odd number, like 399, 407, etc, it will cause the...

CVE-2022-49764 bpf: Prevent bpf program recursion for raw tracepoint probes

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

CVE-2022-49764 bpf: Prevent bpf program recursion for raw tracepoint probes

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

CVE-2022-49764

CVE-2022-49764 (Linux kernel) : A vulnerability in BPF raw tracepoint handling allows a BPF program to recursion-trigget the same tracepoint via bpf_trace_printk, causing spinlock contention paths to recurse and potentially affecting tracing by taking the slow path. Root cause: a BPF program atta...

CVE-2022-49764

In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent bpf program recursion for raw tracepoint probes We got report from sysbot 1 about warnings that were caused by bpf program attached to contentionbegin raw tracepoint triggering the same tracepoint by using...

PT-2025-18557 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A problem of alignment in the bpf prog test run skb function has been resolved. The issue occurred when the size of the user bpf program was an odd number, causing unaligned access to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a recursive call to the bpf program, which could lead to a deadlock...

CVE-2024-58099

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3xdpxmitframe Andrew and Nikolay reported connectivity issues with Cilium's service load-balancing in case of vmxnet3. If a BPF program for native XDP adds an encapsulation header such as...