CVE-2024-26906

CVE-2024-26906 : In the Linux kernel, x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault(). A bpf program reading the vsyscall page with bpf_probe_read_kernel() can trigger copy_from_kernel_nofault(), which calls __get_user_asm() and may fault because the vsyscall page is not readab...

CVE-2024-26906 x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...

CVE-2024-26906 x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copyfromkernelnofault When trying to use copyfromkernelnofault to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to handle page fault for address:...

CVE-2021-47128

In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a "security,lockdown,selinux: implement SELinux lockdown" added an implementation of the lockeddown LSM hook to SELinux, with the aim to restric...

CVE-2021-47128 bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks

In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a "security,lockdown,selinux: implement SELinux lockdown" added an implementation of the lockeddown LSM hook to SELinux, with the aim to restric...

CVE-2023-52523

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Reject skmsg egress redirects to non-TCP sockets With a SOCKMAP/SOCKHASH map and an skmsg program user can steer messages sent from one TCP socket s1 to actually egress from another TCP socket s2: tcpbpfsendmsgs1 //...

CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

CVE-2023-52447

In the Linux kernel, the following vulnerability has been resolved: bpf: Defer the free of inner map when necessary When updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2566)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-33542 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.18 through v5.19.1 Description: A potential security issue exists due to the improper freeing of not-finalized bpf prog pack in the Linux Kernel. The actual impact and attack plausibility have not yet been proven...

PT-2025-18481

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, which prevented bpf program recursion for raw tracepoint probes. The issue was caused by a bpf program attached to the contention...

DEBIAN-CVE-2021-39711

In bpfprogtestrunskb of testrun.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

GSD-2021-1002474 ice: avoid bpf_prog refcount underflow

ice: avoid bpfprog refcount underflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.83 by commit e65a8707b4cd756d26d246bb2b9fab06eebafac...

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2021:3748-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3748-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs...

EulerOS Virtualization 2.9.1 : kernel (EulerOS-SA-2021-2745)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2021-2745)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2021:1477-1 Security update for the Linux Kernel

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-13405: The inodeinitowner function in fs/inode.c allowed local users to create files with an unintended group ownership, in a scenario where a directory is SGID t...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5137-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5137-2 advisory. It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5137-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5137-1 advisory. It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use...

SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3415-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3415-1 advisory. - An issue was discovered in the Linux kernel through 5.6.11. sgwrite lacks an sgremoverequest call in a certain failure case, aka...