14 matches found
CVE-2016-4557
The replacemapfdwithmapptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service use-after-free via crafted BPF instructions that reference an incorrect file...
CVE-2016-2383
The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...
CVE-2016-2383
The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...
CVE-2015-4700
The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler...
Code injection
The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler...
CVE-2015-4700
The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler...
CVE-2015-4700
The bpfintjitcompile function in arch/x86/net/bpfjitcomp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service system crash by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler...
Ubuntu: Security Advisory (USN-2262-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2262-1: Linux kernel (Quantal HWE) vulnerabilities
A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service system crash via crafted BPF instructions. CVE-2014-3144 A remainder calculation error was discovered in the socket filter subsystem of the Lin...
USN-2252-1: Linux kernel (EC2) vulnerabilities
A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service system crash via crafted BPF instructions. CVE-2014-3144 A remainder calculation error was discovered in the socket filter subsystem of the Lin...
USN-2251-1: Linux kernel vulnerabilities
A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service system crash via crafted BPF instructions. CVE-2014-3144 A remainder calculation error was discovered in the socket filter subsystem of the Lin...
Debian DSA-2949-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation : - CVE-2014-3144/ CVE-2014-3145 A local user can cause a denial of service system crash via crafted BPF instructions. - CVE-2014-3153 Pinkie Pie discovered an issue in th...
CVE-2014-3145
The BPFSANCNLATTRNEST extension implementation in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service over-read and system crash via crafted BPF instructions. NOTE:...
CVE-2014-3145
CVE-2014-3145 is disclosed in multiple Nessus advisories linked to the Linux kernel up to 3.14.3. The vulnerability resides in the BPF_S_ANC_NLATTR_NEST extension within sk_run_filter() in net/core/filter.c, where a reverse-order subtraction allows a local user to trigger an over-read leading to ...