Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed potential improper dereferencing of pointers in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case, the argument union bpfattr pointer along...

UBUNTU-CVE-2022-50069

In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case the argument union bpfattr pointer as well as the insn...

CVE-2022-50069

CVE-2022-50069 concerns the Linux kernel BPF subsystem. The root cause is that bpf_sys_bpf() may copy instruction data from a kernel address (via bpfptr_t) without validating it, since copy_from_bpfptr() can dereference in-kernel pointers. This can lead to a use-after-free/invalid dereference in ...

CVE-2021-47337

A vulnerability was found in the Linux kernel's SCSI subsystem. The issue occurs when the system tries to stop an error handler thread that failed to start; if the thread fails to spawn, the kernel may dereference a bad pointer, leading to potential system crash. Mitigation Red Hat has investigat...

CVE-2021-47337

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...

CVE-2021-47337 scsi: core: Fix bad pointer dereference when ehandler kthread is invalid

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix bad pointer dereference when ehandler kthread is invalid Commit 66a834d09293 "scsi: core: Fix error handling of scsihostalloc" changed the allocation logic to call putdevice to perform host cleanup with the...

CVE-2021-47337

The CVE-2021-47337 issue is in the Linux kernel SCSI core path: when an error arises during scsi_host_alloc() and the error-handling ehandler thread fails to spawn, shost->ehandler may be set to ERR_PTR(-ENOMEM) and scsi_host_dev_release() would call kthread_stop() on a NULL/invalid pointer, r...

kernel: BPF: Fix potential bad pointer dereference in bpf_sys_bpf()

In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpfsysbpf The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case the argument union bpfattr pointer as well as the insn...

PT-2025-25995 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0-rc7 Description: A potential bad pointer dereference issue exists in the bpf sys bpf helper function, which allows an eBPF program to load another eBPF program from within the kernel. The issue arises whe...

PT-2022-33415 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: A potential bad pointer dereference issue exists in the bpf sys bpf function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version v5.14 a...

UVI-2021-1001424 scsi: core: Fix bad pointer dereference when ehandler kthread is invalid

scsi: core: Fix bad pointer dereference when ehandler kthread is invalid This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.240 by commit...

PT-2024-11336 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.13.0-rc7 Description: A vulnerability in the Linux kernel has been resolved, which involved a bad pointer dereference when the ehandler kthread is invalid. The issue occurred when the error handler thread fail...