CVE-2024-58098 bpf: track changes_pkt_data property for global functions

In the Linux kernel, the following vulnerability has been resolved: bpf: track changespktdata property for global functions When processing calls to certain helpers, verifier invalidates all packet pointers in a current state. For example, consider the following program: attributenoinline long...

LSN-0082-1 Kernel Live Patch Security Notice

Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel...

openSUSE Security Update : the Linux Kernel (openSUSE-2021-532)

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 leading...

CVE-2021-3444

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure kernel...