Linux Distros Unpatched Vulnerability : CVE-2023-54181

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix issue in verifying allowptrleaks After we converted the capabilities of our networking-bpf program from capsysadmin to capnetadmin+capbpf, our...

Linux Distros Unpatched Vulnerability : CVE-2023-54247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Silence a warning in btftypeidsize syzbot reported a warning in 1 with the following stacktrace: WARNING: CPU: 0 PID: 5005 at kernel/bpf/btf.c:1988...

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: bpf: Don't use tnumrange on array range checking for poke descriptors CVE-2022-49985 kernel: posix-cpu-timers: fix race between...

Linux Distros Unpatched Vulnerability : CVE-2025-22048

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LoongArch: BPF: Don't override subprog's return value The verifier test calls: div by 0 in subprog triggers a panic at the ld.bu instruction. The ld.bu insn is...

CVE-2022-49970 bpf, cgroup: Fix kernel BUG in purge_effective_progs

In the Linux kernel, the following vulnerability has been resolved: bpf, cgroup: Fix kernel BUG in purgeeffectiveprogs Syzkaller reported a triggered kernel BUG as follows: ------------ cut here ------------ kernel BUG at kernel/bpf/cgroup.c:925! invalid opcode: 0000 1 PREEMPT SMP NOPTI CPU: 1 PI...

CVE-2025-22048

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Don't override subprog's return value The verifier test calls: div by 0 in subprog triggers a panic at the ld.bu instruction. The ld.bu insn is trying to load byte from memory address returned by the subprog. The...

Linux Distros Unpatched Vulnerability : CVE-2024-50130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in...

Linux Distros Unpatched Vulnerability : CVE-2024-46783

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last...

SUSE SLES15 Security Update : kernel RT (Live Patch 1 for SLE 15 SP6) (SUSE-SU-2024:4139-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4139-1 advisory. This update for the Linux Kernel 6.4.0-150600105 fixes several issues. The following security issues were fixed: - CVE-2024-43861: Fix memory...

Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails bsc1227808...

PT-2023-34921 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue concerns an invalid kfunc call in backtrack insn within the bpf. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...

PT-2023-34969 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.10 Description: The issue is related to the bpf in the Linux Kernel, specifically in the send signal common function, where a task with pid=1 is skipped. The actual impact and attack plausibility have not y...

PT-2022-33983 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.141 Description: The issue is related to the bpf, where packets with invalid pkt len are not properly handled, potentially leading to security vulnerabilities. The actual impact and attack plausibility hav...

PT-2022-33413 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.4 Description: The issue concerns a problem in the bpf where map value is not properly reinitialized in prealloc lru pop. The actual impact and attack plausibility have not yet been proven. Recommendations...