Lucene search
+L

116 matches found

euvd
euvd
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38900

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL deref in mapkptrmatchtype for scalar regs Commit ab6c637ad027 "bpf: Fix a bpfkptrxchg issue with local kptr" refactored mapkptrmatchtype to branch on btfiskernel before checking basetype. A scalar register stored in...

5.7AI score0.00122EPSS
Exploits0References6
nvd
nvd
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53099

In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIGCFICLANG to CONFIGCFI This was renamed in commit 23ef9d439769 "kcfi: Rename CONFIGCFICLANG to CONFIGCFI" as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out...

0.00156EPSS
Exploits0References2
nvd
nvd
added 2026/06/24 5:17 p.m.10 views

CVE-2026-53090

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS0.00124EPSS
Exploits0References5
euvd
euvd
added 2026/06/24 4:30 p.m.7 views

EUVD-2026-38967

In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIGCFICLANG to CONFIGCFI This was renamed in commit 23ef9d439769 "kcfi: Rename CONFIGCFICLANG to CONFIGCFI" as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out...

5.8AI score0.00156EPSS
Exploits0References2
osv
osv
added 2026/06/24 4:30 p.m.2 views

CVE-2026-53090 bpf: Fix ld_{abs,ind} failure path analysis in subprogs

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 "bpf: Add abnormal return checks.". These are only allowed in subprograms when...

7.8CVSS5.9AI score0.00124EPSS
Exploits0References8
susecve
susecve
added 2026/06/06 2:53 a.m.11 views

SUSE CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

7.5CVSS4.9AI score0.00179EPSS
Exploits1References3
nvd
nvd
added 2026/06/03 1:16 p.m.11 views

CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

5.5CVSS0.00179EPSS
Exploits1References9
attackerkb
attackerkb
added 2026/06/03 10:45 a.m.7 views

CVE-2026-10722

A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...

4.8CVSS5.4AI score0.00179EPSS
Exploits1References9Affected Software1
snyk
snyk
added 2026/06/03 10:45 a.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the loadRawSpec function when parsing BTF collection specifications. An attacker can cause excessive memory allocation or parsing failures by supplying a malicious collection specification to a process...

7.5CVSS6AI score0.00179EPSS
Exploits1References2
euvd
euvd
added 2026/05/27 3:33 p.m.14 views

EUVD-2026-32235

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free of BTF object Refcounting in the checkpseudobtfid function is incorrect: the checkpseudobtfid function might get called with a zero refcounted btf. Fix this, and patch related code accordingly...

5.8AI score0.00124EPSS
Exploits0References4
nvd
nvd
added 2026/05/27 2:17 p.m.12 views

CVE-2026-45951

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free of BTF object Refcounting in the checkpseudobtfid function is incorrect: the checkpseudobtfid function might get called with a zero refcounted btf. Fix this, and patch related code accordingly...

7.8CVSS0.00124EPSS
Exploits0References3
osv
osv
added 2026/05/27 2:17 p.m.13 views

UBUNTU-CVE-2026-45951

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free of BTF object Refcounting in the checkpseudobtfid function is incorrect: the checkpseudobtfid function might get called with a zero refcounted btf. Fix this, and patch related code accordingly...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
nvd
nvd
added 2026/05/27 11:16 a.m.21 views

CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

7.8CVSS0.0012EPSS
Exploits0References7
osv
osv
added 2026/05/27 11:16 a.m.10 views

UBUNTU-CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References3
cve
cve
added 2026/05/27 9:24 a.m.36 views

CVE-2026-45839

CVE-2026-45839 is a Linux kernel vulnerability where negative CO-RE accessor indices in bpf_core_parse_spec() could cause an out-of-bounds read, leading to a deterministic kernel crash during BPF program load on systems with CONFIG_DEBUG_INFO_BTF=y. The issue arises because sscanf parses componen...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References7Affected Software1
cnnvd
cnnvd
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from incorrect reference counting of BTF objects in the checkpseudobtfid function. This vulnerability...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/27 12:0 a.m.23 views

PT-2026-43673

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the bpf core parse spec function fails to reject negative CO-RE Compile Once - Run Everywhere accessor indices. CO-RE accessor strings use...

9.8CVSS6AI score0.03663EPSS
Exploits18References285
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: The registration of structops that uses the module ptr was rejected, and the module btfid is missing. There is a UAF report in bpfstructops when CONFIGMODULES=n. Specifically, the report relates to tcpcongestionops, which ha...

7.8CVSS6.4AI score0.00193EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: The error check in parsebtffield has been fixed. btffindstructmember may return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. This issue is fixed b...

5.5CVSS5.2AI score0.00211EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed the re-attachment branch in bpftracingprogattach. The following scenario can cause a crash due to a missing attachbtf: 1 Load the rawtp program. 2 Load the fentry program with rawtp as targetfd. 3 Create a tracing...

5.5CVSS6.3AI score0.00231EPSS
Exploits0References2
Rows per page
Query Builder