116 matches found
DEBIAN-CVE-2024-38574
In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpfobjecloadprog, there's no guarantee that obj-btf is non-NULL when passing it to btffd, and this function does not perform any check before dereferencing...
CVE-2024-38574
In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpfobjecloadprog, there's no guarantee that obj-btf is non-NULL when passing it to btffd, and this function does not perform any check before dereferencing...
kernel: Linux kernel: BPF verifier log truncation via crafted user input
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF verifier log. A local user can exploit this by providing excessively long BPF Type Format BTF names or BTF.ext source code line strings. This can lead to the truncation of a single verifier log line, potentially obscuring important...
SUSE CVE-2021-47190
In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perfenvinsertbtf perfenvinsertbtf doesn't insert if a duplicate BTF id is encountered and this causes a memory leak. Modify the function to return a success/error value and then free the memory if...
CVE-2021-47190 perf bpf: Avoid memory leak from perf_env__insert_btf()
In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perfenvinsertbtf perfenvinsertbtf doesn't insert if a duplicate BTF id is encountered and this causes a memory leak. Modify the function to return a success/error value and then free the memory if...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a memory leak vulnerability in perfenvinsertbtf...
PT-2024-28073 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null-pointer dereference in the libbpf component of the Linux kernel. Specifically, in the bpf objec load prog function, there is no guarantee that obj-btf is...
SUSE CVE-2024-26591
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpftracingprogattach The following case can cause a crash due to missing attachbtf: 1 load rawtp program 2 load fentry program with rawtp as targetfd 3 create tracing link for fentry program with...
DEBIAN-CVE-2024-26591
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix re-attachment branch in bpftracingprogattach The following case can cause a crash due to missing attachbtf: 1 load rawtp program 2 load fentry program with rawtp as targetfd 3 create tracing link for fentry program with...
DEBIAN-CVE-2023-52446
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local vm with latest kernel, I once hit a kasan error like below: 1887.184724 BUG: KASAN: slab-use-after-free in bpfrbrootfree+0x1f8/0x2b0...
UBUNTU-CVE-2023-52446
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local vm with latest kernel, I once hit a kasan error like below: 1887.184724 BUG: KASAN: slab-use-after-free in bpfrbrootfree+0x1f8/0x2b0...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between btfput and mapfree...
PT-2023-8763 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.7.0-rc3-00699-g90679706d486-dirty 494 Description: The vulnerability is related to a race condition between btf put and map free in the Linux kernel. This issue can lead to a slab-use-after-free error,...
kernel: bpf: prevent decl_tag from being referenced in func_proto
A flaw was found in the Linux kernel's BPF BTF BPF Type Format validation. The BTF parser allows a funcproto type to reference a decltag as its return type, which is invalid. When btftypeidsize encounters this unexpected type, it triggers a kernel warning. This can be exploited via the bpf syscal...
PT-2023-36023 · Git +1 · Libbpf
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 4 crash has been reported. The crash involves the functions btf ensure modifiable, btf add var, and bpf object collect extern...
kernel: bpf: Fix UAF due to race between btf_try_get_module and load_module
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF due to race between btftrygetmodule and loadmodule While working on code to populate kfunc BTF ID sets for module BTF from its initcall, I noticed that by the time the initcall is invoked, the module BTF can already ...
SUSE CVE-2021-29648
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolvedids and resolvedsizes are intentionally uninitialized in the vmlinux BPF Type Format BTF, which can cause a system crash upon an unexpected access attempt in mapcreate in...
SUSE CVE-2022-3534
A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btfdumpnamedups of the file tools/lib/bpf/btfdump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this...
PT-2023-33635 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: A bug in BTF ID LIST has been identified when CONFIG DEBUG INFO BTF is not set. The actual impact and potential for attack have not been proven yet. Recommendations: For Linux Kernel version...
PT-2025-54076
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a warning was triggered in the btf type id size function when processing certain BPF Berkeley Packet Filter types. Specifically, a warning occurr...