116 matches found
CVE-2022-49228 bpf: Fix a btf decl_tag bug when tagging a function
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between btftrygetmodule and loadmodule resulting in reuse after release...
kernel: bpf: Fix re-attachment branch in bpf_tracing_prog_attach
bpf: Fix re-attachment branch in bpftracingprogattach The following case can cause a crash due to missing attachbtf: 1 load rawtp program 2 load fentry program with rawtp as targetfd 3 create tracing link for fentry program with targetfd = 0 4 repeat 3 In the end we have: - prog-aux-dsttrampoline...
CVE-2024-50161
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...
DEBIAN-CVE-2024-50161
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...
CVE-2024-50161 bpf: Check the remaining info_cnt before repeating btf fields
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...
CVE-2024-50161 bpf: Check the remaining info_cnt before repeating btf fields
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...
DEBIAN-CVE-2024-46764
In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btfnamevalidsection If the length of the name string is 1 and the value of name0 is NULL byte, an OOB vulnerability occurs in btfnamevalidsection and the return value is true, so the invalid nam...
UBUNTU-CVE-2024-46764
In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btfnamevalidsection If the length of the name string is 1 and the value of name0 is NULL byte, an OOB vulnerability occurs in btfnamevalidsection and the return value is true, so the invalid nam...
DEBIAN-CVE-2022-48929
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btfids. When commit e6ac2450d6de "bpf: Support bpf program calling kernel function" added kfunc support, it defined reg2btfids as a cheap way to translate the verifier reg type ...
CVE-2022-48929 bpf: Fix crash due to out of bounds access into reg2btf_ids.
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btfids. When commit e6ac2450d6de "bpf: Support bpf program calling kernel function" added kfunc support, it defined reg2btfids as a cheap way to translate the verifier reg type ...
The vulnerability of the parse_btf_field() function in the Linux kernel debugging subsystem allows a attacker to cause a service failure.
The vulnerability of the parsebtffield function in the kernel/trace/traceprobe.c module of the Linux kernel’s tracing subsystem is related to improper code validation for the btffindstructmember function’s return value. Exploiting this vulnerability could allow an attacker to trigger a service...
SUSE CVE-2024-36481
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...
AZL-42854 CVE-2024-36481 affecting package kernel for versions less than 5.15.160.1-1
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...
AZL-42834 CVE-2024-36481 affecting package kernel for versions less than 6.6.35.1-4
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...
DEBIAN-CVE-2024-36481
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...
CVE-2024-36481
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...
UBUNTU-CVE-2024-36481
In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...
SUSE CVE-2024-38574
In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpfobjecloadprog, there's no guarantee that obj-btf is non-NULL when passing it to btffd, and this function does not perform any check before dereferencing...
CVE-2024-38574
In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpfobjecloadprog, there's no guarantee that obj-btf is non-NULL when passing it to btffd, and this function does not perform any check before dereferencing...