Lucene search
K

959 matches found

BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.9 views

The vulnerability in the kernel/bpf/verifier.c file of the Linux operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability in the kernel/bpf/verifier.c file of the Linux operating system is related to the disclosure of information due to discrepancies. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.7CVSS7AI score0.00565EPSS
Exploits0References29Affected Software6
OSV
OSV
added 2021/02/23 11:15 p.m.6 views

AZL-34857 CVE-2021-20194 affecting package kernel for versions less than 6.6.35.1-4

There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y , CONFIGBPF=y , CONFIGCGROUPS=y , CONFIGCGROUPBPF=y , CONFIGHARDENEDUSERCOPY not set, and BPF hook to getsockopt is registered. As result of BPF execution, the local user...

7.8CVSS6.7AI score0.004EPSS
Exploits0References1
OSV
OSV
added 2021/02/17 12:0 a.m.1 views

UBUNTU-CVE-2021-20239

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality...

3.3CVSS6.6AI score0.00255EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2021/01/22 12:0 a.m.3 views

PT-2021-13832 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: linux kernel versions higher than 5.2 Description: The issue arises from a vulnerability in the linux kernel when compiled with specific config parameters, including CONFIG BPF SYSCALL=y, CONFIG BPF=y, CONFIG CGROUPS=y, CONFIG CGROUP BPF=y, a...

8.8CVSS7.7AI score0.07604EPSS
Exploits23References335
OSV
OSV
added 2020/03/30 4:0 p.m.1 views

UBUNTU-CVE-2020-8835

In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the...

7.8CVSS6.7AI score0.0606EPSS
Exploits9References8
BDU FSTEC
BDU FSTEC
added 2019/09/10 12:0 a.m.5 views

The vulnerability of the BPF kernel check mechanism in the Linux operating system allows attackers to escalate their privileges.

The vulnerability of the BPF kernel check mechanism in the Linux operating system arises from reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS5.7AI score0.00533EPSS
Exploits0References55Affected Software3
Veracode
Veracode
added 2019/05/02 5:3 a.m.39 views

Denial Of Service (DoS)

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance PI futexes. A local, unprivileged user could use this flaw to escalate their privileges on...

7.8CVSS6.6AI score0.37233EPSS
Exploits24References21Affected Software1
Veracode
Veracode
added 2019/05/02 5:3 a.m.36 views

Privilege Escalation

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance PI futexes. A local, unprivileged user could use this flaw to escalate their privileges on...

7.8CVSS6.6AI score0.37233EPSS
Exploits24References42Affected Software1
OSV
OSV
added 2019/04/24 9:29 p.m.3 views

UBUNTU-CVE-2017-18367

libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument...

7.5CVSS7.1AI score0.0245EPSS
Exploits0References5
Kitploit
Kitploit
added 2019/02/04 12:43 p.m.261 views

Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing

netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space a...

7.5AI score
Exploits0References1
OSV
OSV
added 2018/04/24 6:48 a.m.3 views

USN-3633-1 linux-euclid vulnerability

Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS6.9AI score0.30052EPSS
Exploits16References2
Tenable Nessus
Tenable Nessus
added 2018/04/24 12:0 a.m.86 views

Ubuntu 16.04 LTS : Linux kernel (Intel Euclid) vulnerability (USN-3633-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3633-1 advisory. Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux kernel improperly performed sign extension in some situations. A local attack...

7.8CVSS7.2AI score0.30052EPSS
Exploits16References2
OSV
OSV
added 2018/04/05 8:14 p.m.14 views

USN-3619-2 linux-lts-xenial, linux-aws vulnerabilities

USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux...

7.8CVSS7.1AI score0.30052EPSS
Exploits26References40
OSV
OSV
added 2018/01/10 1:19 p.m.2 views

USN-3523-2 linux-hwe, linux-azure, linux-gcp, linux-oem vulnerabilities

USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch...

7.8CVSS7.1AI score0.84172EPSS
Exploits19References6
Tenable Nessus
Tenable Nessus
added 2018/01/10 12:0 a.m.89 views

Ubuntu 17.10 : linux vulnerabilities (USN-3523-1) (Meltdown)

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

7.8CVSS7.3AI score0.84172EPSS
Exploits19References6
BDU FSTEC
BDU FSTEC
added 2016/07/11 12:0 a.m.5 views

The vulnerability of the Linux operating system’s kernel, which allows a hacker to gain access to confidential information

The vulnerability of the skrunfilter function net/core/filter.c in the Linux operating system is related to the lack of checks for the correctness of memory initialization before executing BPFSLDMEM and BPFSLDXMEM instructions. Exploiting this vulnerability can allow a local attacker to access...

2.1CVSS5.8AI score0.00868EPSS
Exploits2References39Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a service failure

A vulnerability in the Linux kernel allows a local user to trigger a system panic by using specially crafted BPF instructions. The BPFSANCNLATTR and BPFSANCNLATTRNEST instructions cause an error in the skrunfilter function from net/core/filter.c...

4.9CVSS6.5AI score0.00602EPSS
Exploits1References2Affected Software1
Ubuntu
Ubuntu
added 2016/06/10 6:58 a.m.91 views

USN-3007-1: Linux kernel (Raspberry Pi 2) vulnerabilities

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...

7.8CVSS6.8AI score0.06386EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2016/06/10 12:0 a.m.52 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3006-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3006-1 advisory. Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use th...

7.8CVSS7.1AI score0.06386EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2016/06/10 12:0 a.m.44 views

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3005-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3005-1 advisory. Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use th...

7.8CVSS7.1AI score0.06386EPSS
Exploits6References11
Rows per page
Query Builder