Lucene search
+L

116 matches found

OSV
OSV
added 2025/02/26 1:55 a.m.11 views

CVE-2022-49228 bpf: Fix a btf decl_tag bug when tagging a function

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS5.3AI score0.00243EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.7 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between btftrygetmodule and loadmodule resulting in reuse after release...

7.8CVSS5.3AI score0.00258EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: bpf: Fix re-attachment branch in bpf_tracing_prog_attach

bpf: Fix re-attachment branch in bpftracingprogattach The following case can cause a crash due to missing attachbtf: 1 load rawtp program 2 load fentry program with rawtp as targetfd 3 create tracing link for fentry program with targetfd = 0 4 repeat 3 In the end we have: - prog-aux-dsttrampoline...

5.5CVSS6.9AI score0.00231EPSS
Exploits0References5
NVD
NVD
added 2024/11/07 10:15 a.m.44 views

CVE-2024-50161

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...

5.5CVSS0.00183EPSS
Exploits0References2
OSV
OSV
added 2024/11/07 10:15 a.m.6 views

DEBIAN-CVE-2024-50161

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...

5.5CVSS4.9AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/07 9:31 a.m.1 views

CVE-2024-50161 bpf: Check the remaining info_cnt before repeating btf fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...

7.6AI score0.00183EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/07 9:31 a.m.40 views

CVE-2024-50161 bpf: Check the remaining info_cnt before repeating btf fields

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...

0.00183EPSS
Exploits0References2
OSV
OSV
added 2024/09/18 8:15 a.m.6 views

DEBIAN-CVE-2024-46764

In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btfnamevalidsection If the length of the name string is 1 and the value of name0 is NULL byte, an OOB vulnerability occurs in btfnamevalidsection and the return value is true, so the invalid nam...

7.1CVSS5.7AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2024/09/18 8:15 a.m.5 views

UBUNTU-CVE-2024-46764

In the Linux kernel, the following vulnerability has been resolved: bpf: add check for invalid name in btfnamevalidsection If the length of the name string is 1 and the value of name0 is NULL byte, an OOB vulnerability occurs in btfnamevalidsection and the return value is true, so the invalid nam...

7.1CVSS5.7AI score0.00223EPSS
Exploits0References5
OSV
OSV
added 2024/08/22 4:15 a.m.1 views

DEBIAN-CVE-2022-48929

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btfids. When commit e6ac2450d6de "bpf: Support bpf program calling kernel function" added kfunc support, it defined reg2btfids as a cheap way to translate the verifier reg type ...

5.5CVSS5.4AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/22 3:31 a.m.34 views

CVE-2022-48929 bpf: Fix crash due to out of bounds access into reg2btf_ids.

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix crash due to out of bounds access into reg2btfids. When commit e6ac2450d6de "bpf: Support bpf program calling kernel function" added kfunc support, it defined reg2btfids as a cheap way to translate the verifier reg type ...

0.0021EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.8 views

The vulnerability of the parse_btf_field() function in the Linux kernel debugging subsystem allows a attacker to cause a service failure.

The vulnerability of the parsebtffield function in the kernel/trace/traceprobe.c module of the Linux kernel’s tracing subsystem is related to improper code validation for the btffindstructmember function’s return value. Exploiting this vulnerability could allow an attacker to trigger a service...

5.5CVSS5.7AI score0.00211EPSS
Exploits0References11Affected Software3
SUSE CVE
SUSE CVE
added 2024/06/24 11:17 p.m.5 views

SUSE CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

5.5CVSS7.7AI score0.00211EPSS
Exploits0References3
OSV
OSV
added 2024/06/21 12:15 p.m.9 views

AZL-42854 CVE-2024-36481 affecting package kernel for versions less than 5.15.160.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

5.5CVSS5.7AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2024/06/21 12:15 p.m.7 views

AZL-42834 CVE-2024-36481 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

5.5CVSS5.6AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2024/06/21 12:15 p.m.3 views

DEBIAN-CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

5.5CVSS5AI score0.00211EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/06/21 12:15 p.m.29 views

CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

5.5CVSS5.8AI score0.00211EPSS
Exploits0References12
OSV
OSV
added 2024/06/21 12:15 p.m.5 views

UBUNTU-CVE-2024-36481

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parsebtffield btffindstructmember might return NULL or an error via the ERRPTR macro. However, its caller in parsebtffield only checks for the NULL condition. Fix this by using ISERR and returni...

5.5CVSS5.7AI score0.00211EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2024/06/21 3:6 a.m.4 views

SUSE CVE-2024-38574

In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpfobjecloadprog, there's no guarantee that obj-btf is non-NULL when passing it to btffd, and this function does not perform any check before dereferencing...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References3
NVD
NVD
added 2024/06/19 2:15 p.m.25 views

CVE-2024-38574

In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpfobjecloadprog, there's no guarantee that obj-btf is non-NULL when passing it to btffd, and this function does not perform any check before dereferencing...

5.5CVSS0.00225EPSS
Exploits0References3
Rows per page
Query Builder