Lucene search
K

115 matches found

CVE
CVE
added 2025/05/20 3:34 p.m.66 views

CVE-2025-37939

CVE-2025-37939 affects the Linux kernel in the libbpf component, specifically the BTF.ext core_relo header handling. The issue arises when btf_ext_parse_info() reads fields of the core_relo header without confirming its presence, potentially triggering a buffer read overflow as reported by OSS-Fu...

5.5CVSS6.6AI score0.00158EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/05/20 3:34 p.m.7 views

CVE-2025-37939 libbpf: Fix accessing BTF.ext core_relo header

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext corerelo header Update btfextparseinfo to ensure the corerelo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project...

5.5CVSS6.6AI score0.00158EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/05/20 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not verifying the existence of the BTF.ext corerelo header before accessing it in libbpf...

5.5CVSS6.5AI score0.00158EPSS
Exploits0References4
OSV
OSV
added 2025/05/05 3:15 p.m.6 views

UBUNTU-CVE-2024-58100

In the Linux kernel, the following vulnerability has been resolved: bpf: check changespktdata property for extension programs When processing calls to global sub-programs, verifier decides whether to invalidate all packet pointers in current state depending on the changespktdata property of the...

5.5CVSS6.3AI score0.00152EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/05/05 12:0 a.m.10 views

PT-2025-19711

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns the Linux kernel's handling of extension programs in relation to the changes pkt data property. When processing calls to global sub-programs, the verifier decides...

5.5CVSS5.5AI score0.00152EPSS
Exploits1
OSV
OSV
added 2025/03/06 4:15 p.m.0 views

DEBIAN-CVE-2024-58060

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject structops registration that uses module ptr and the module btfid is missing There is a UAF report in the bpfstructops when CONFIGMODULES=n. In particular, the report is on tcpcongestionops that has a "struct module...

7.8CVSS5.9AI score0.00193EPSS
Exploits0References1
OSV
OSV
added 2025/03/06 4:15 p.m.3 views

UBUNTU-CVE-2024-58060

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject structops registration that uses module ptr and the module btfid is missing There is a UAF report in the bpfstructops when CONFIGMODULES=n. In particular, the report is on tcpcongestionops that has a "struct module...

7.8CVSS6.5AI score0.00193EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.6 views

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel, which arises from a denial of use of a module pointer and a missing struct operation registration for the modu...

7.8CVSS6.7AI score0.00193EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/02/27 3:10 a.m.2 views

SUSE CVE-2022-49228

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS6.9AI score0.00243EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/02/27 3:10 a.m.4 views

SUSE CVE-2022-49236

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...

7CVSS6.5AI score0.00258EPSS
Exploits0References8
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

DEBIAN-CVE-2022-49236

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...

7.8CVSS5.6AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 7:0 a.m.11 views

CVE-2022-49228

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS0.00243EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 7:0 a.m.5 views

DEBIAN-CVE-2022-49228

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS5.4AI score0.00243EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.5 views

UBUNTU-CVE-2022-49228

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS6.1AI score0.00243EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/02/26 1:56 a.m.8 views

CVE-2022-49236 bpf: Fix UAF due to race between btf_try_get_module and load_module

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...

7.3AI score0.00258EPSS
Exploits0References4
CVE
CVE
added 2025/02/26 1:56 a.m.160 views

CVE-2022-49236

CVE-2022-49236 concerns a Linux kernel use-after-free in BPF/BTF handling: a race between module init and module reuse could allow BTF IDs to be published before a module is fully live. The fix, as described in the related documentation, is to set a BTF_MODULE_F_LIVE flag at MODULE_STATE_LIVE so ...

7.8CVSS5.3AI score0.00258EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/02/26 1:56 a.m.27 views

CVE-2022-49236 bpf: Fix UAF due to race between btf_try_get_module and load_module

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...

0.00258EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/26 1:55 a.m.29 views

CVE-2022-49228 bpf: Fix a btf decl_tag bug when tagging a function

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

0.00243EPSS
Exploits0References3
CVE
CVE
added 2025/02/26 1:55 a.m.117 views

CVE-2022-49228

CVE-2022-49228 relates to the Linux kernel and a bug in BTF decl_tag handling during function tagging in BPF. The issue arises when btf_decl_tag_resolve() checks a function type’s func_proto; the code attempted to access func_proto’s vlen for a type 3 function prototype, which was out of range an...

5.5CVSS5.3AI score0.00243EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/26 1:55 a.m.11 views

CVE-2022-49228 bpf: Fix a btf decl_tag bug when tagging a function

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS5.3AI score0.00243EPSS
Exploits0References6
Rows per page
Query Builder