6 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-40908
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp testrun callback syzbot reported crash when rawtp program...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7009-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7009-1 advisory. Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use...
SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2024:2896-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2896-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were...
BELL-CVE-2024-40908
Bulletin has no description...
CVE-2024-40908
The CVE-2024-40908 issue affects the Linux kernel in the bpf component, specifically the rawtp test_run callback. The root cause is that the run context (task->bpf_ctx) was not properly set for the test_run callback, which SYZBOT reported could crash when a rawtp program called bpf_get_attach_...
CVE-2024-40908 bpf: Set run context for rawtp test_run callback
In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp testrun callback syzbot reported crash when rawtp program executed through the testrun interface calls bpfgetattachcookie helper or any other helper that touches task-bpfctx pointer. Setting the run...