5 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-50253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nrwords in bpfiterbitsnew Check the validity of nrwords in...
CVE-2024-50253
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nrwords in bpfiterbitsnew Check the validity of nrwords in bpfiterbitsnew. Without this check, when multiplication overflow occurs for nrbits e.g., when nrwords = 0x0400-0001, nrbits becomes 64, stack...
CVE-2024-50253 bpf: Check the validity of nr_words in bpf_iter_bits_new()
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nrwords in bpfiterbitsnew Check the validity of nrwords in bpfiterbitsnew. Without this check, when multiplication overflow occurs for nrbits e.g., when nrwords = 0x0400-0001, nrbits becomes 64, stack...
CVE-2024-50253
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nrwords in bpfiterbitsnew Check the validity of nrwords in bpfiterbitsnew. Without this check, when multiplication overflow occurs for nrbits e.g., when nrwords = 0x0400-0001, nrbits becomes 64, stack...
CVE-2024-50253
In CVE-2024-50253, the Linux kernel fixes a memory-allocator bug in the BPF subsystem: nr_words can overflow nr_bits in bpf_iter_bits_new(), risking stack corruption via bpf_probe_read_kernel_common when nr_words is large (e.g., 0x0400-0001). The patch constrains nr_words to a maximum of 511 and ...