41 matches found
PT-2025-9966
Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.15 through 6.12 Description A vulnerability in the Linux kernel has been identified, related to the handling of bpf timers. The issue arises when the hrtimer cancel function attempts to acquire a lock that is already...
SUSE CVE-2022-48940
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to incorrect copymapvalue When both bpfspinlock and bpftimer are present in a BPF map value, copymapvalue needs to skirt both objects when copying a value into and out of the map. However, the current code does...
UBUNTU-CVE-2022-48940
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to incorrect copymapvalue When both bpfspinlock and bpftimer are present in a BPF map value, copymapvalue needs to skirt both objects when copying a value into and out of the map. However, the current code does...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer error vulnerability exists in Linux kernel that stems from a failure to properly handle objects containing bpfspinlock and bpftimer, leading to possible overwrites and...
DEBIAN-CVE-2024-42239
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...
AZL-47453 CVE-2024-42239 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...
AZL-47604 CVE-2024-42239 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...
CVE-2024-42239 bpf: Fail bpf_timer_cancel when callback is being cancelled
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpftimercancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpftimercanceltimer2; bpftimercanceltimer1; Both bpftimercancel calls would wait for the other callback to finish executing,...
kernel: bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel
A use-after-free flaw was found in the Linux kernel’s BPF functionality. This flaw allows a local user to crash the system...
SUSE CVE-2024-41045
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...
CVE-2024-41045
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...
DEBIAN-CVE-2024-41045
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...
AZL-62510 CVE-2024-41045 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...
AZL-67776 CVE-2024-41045 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...
UBUNTU-CVE-2024-41045
In the Linux kernel, the following vulnerability has been resolved: bpf: Defer work in bpftimercancelandfree Currently, the same case as previous patch two timer callbacks trying to cancel each other can be invoked through bpfmapupdateelem as well, or more precisely, freeing map elements containi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in bpftimercancelandfree, where a deadlock may occur if two timer callbacks attempt to cancel each other, or...
PT-2024-7371
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the BPF timer functionality in the Linux kernel. When two or more timer callbacks are executed in parallel and attempt to cancel each other, it can lead to a...
SUSE CVE-2024-26737
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpftimercancelandfree and bpftimercancel The following race is possible between bpftimercancelandfree and bpftimercancel. It will lead a UAF on the timer-timer. bpftimercancel; spinlock; t = timer-time;...
DEBIAN-CVE-2024-26737
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpftimercancelandfree and bpftimercancel The following race is possible between bpftimercancelandfree and bpftimercancel. It will lead a UAF on the timer-timer. bpftimercancel; spinlock; t = timer-time;...
CVE-2024-26737
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpftimercancelandfree and bpftimercancel The following race is possible between bpftimercancelandfree and bpftimercancel. It will lead a UAF on the timer-timer. bpftimercancel; spinlock; t = timer-time;...