13 matches found
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an invalid prog-stats access when updateeffectiveprogs fails. The issue occurs due to a fault-injected operation in updateeffectiveprogs. The problem can be described as follows: c cgroupbpfdetach updateeffectiveprogs...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993109)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993109 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in computeeffectiveprogs Syzbot found a Use After Free bug in...
SUSE CVE-2025-68742
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog-stats access when updateeffectiveprogs fails Syzkaller triggers an invalid memory access issue following fault injection in updateeffectiveprogs. The issue can be described as follows: cgroupbpfdetach...
CVE-2025-68742
CVE-2025-68742: In the Linux kernel, a fault injection in update_effective_progs can cause a BPF prog to be replaced with a dummy prog, leading to a NULL dereference when a softirq runs and accesses prog->stats. The fix prevents updating stats if stats is NULL, avoiding the invalid memory acce...
DEBIAN-CVE-2022-49970
In the Linux kernel, the following vulnerability has been resolved: bpf, cgroup: Fix kernel BUG in purgeeffectiveprogs Syzkaller reported a triggered kernel BUG as follows: ------------ cut here ------------ kernel BUG at kernel/bpf/cgroup.c:925! invalid opcode: 0000 1 PREEMPT SMP NOPTI CPU: 1 PI...
Linux Distros Unpatched Vulnerability : CVE-2024-53054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction A hungtask problem shown...
CVE-2024-53054
In the Linux kernel, the following vulnerability has been resolved: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction A hungtask problem shown below was found: INFO: task kworker/0:0:8 blocked for more than 327 seconds. "echo 0 /proc/sys/kernel/hungtasktimeoutsecs" disables this...
CVE-2024-53054
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-53054
CVE-2024-53054 is documented in connected sources as a Linux kernel issue affecting the cgroup/bpf destruction path. The root cause described is a contention/deadlock risk from cgroup_bpf_release workers, due to mutexes and locks acquired across tasks, which could lead to a hung task scenario. Af...
kernel: heap overflow in __cgroup_bpf_run_filter_getsockopt()
A flaw buffer overflow in the Linux kernel BPF subsystem was found in the way user running BPF script calling getsockopt. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...
ALSA-2021:1578 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c CVE-2019-18811 kernel: use-after-free caused by a...
DEBIAN-CVE-2021-20194
There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y , CONFIGBPF=y , CONFIGCGROUPS=y , CONFIGCGROUPBPF=y , CONFIGHARDENEDUSERCOPY not set, and BPF hook to getsockopt is registered. As result of BPF execution, the local user...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1236)
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. This update is signed with the new UEFI signing key for openSUSE. It contains rebuilds of all available KMP packages also rebuilt with the new UEFi signing key. boo1174543 The following security bugs were fixed : ...