Lucene search
K

8 matches found

CVE
CVE
added 2025/10/01 11:45 a.m.14 views

CVE-2022-50450

Summary: CVE-2022-50450 concerns a heap‑based buffer overflow in the ELF handling of libbpf used by BPF loading in the Linux kernel context. The root cause, as described by connected sources, is the direct use of the ELF header field e_shnum to count section headers, which can overflow a heap whe...

6.4AI score
Exploits0
CVE
CVE
added 2025/09/15 2:21 p.m.50 views

CVE-2023-53221

The CVE-2023-53221 case concerns a vulnerability in the Linux kernel where a memleak can occur if fentry attachment fails for a BPF trampoline image. The description states that, when the fentry attach fails, the allocated trampoline image remains in memory and can be observed in /proc/kallsyms a...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References4Affected Software1
SUSE CVE
SUSE CVE
added 2025/05/21 12:46 a.m.3 views

SUSE CVE-2025-37939

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext corerelo header Update btfextparseinfo to ensure the corerelo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project...

5.5CVSS6.6AI score0.00158EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.20 views

The vulnerability of the libbpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the libbpf component in the Linux operating system’s kernel is related to integer overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS6.5AI score0.00277EPSS
Exploits0References8Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/13 12:0 a.m.6 views

The vulnerability of the libbpf component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the libbpf component in the Linux operating system’s kernel is related to errors in reading beyond the boundary in the bpfxdpquery function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References20Affected Software4
OSV
OSV
added 2024/05/21 3:15 p.m.1 views

DEBIAN-CVE-2021-47417

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix memory leak in strset Free struct strset itself, not just its internal parts...

5.5CVSS5.4AI score0.00194EPSS
Exploits0References1
OSV
OSV
added 2023/09/04 11:39 a.m.4 views

CLSA-2023-1693827560 Fix of 9 CVEs

Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...

6.7CVSS6.8AI score0.0048EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.6 views

The vulnerability of the `find_prog_by_sec_insn()` function (located in `tools/lib/bpf/libbpf.c`) in the Linux operating system kernel allows a attacker to cause a service failure.

The vulnerability of the findprogbysecinsn function located in tools/lib/bpf/libbpf.c in Linux kernel systems is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.1AI score0.00315EPSS
Exploits0References12Affected Software6
Rows per page
Query Builder