19 matches found
CVE-2026-53096
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter component, specifically within the devmapredirectmulti function. This vulnerability arises from an incorrect iteration method in an RCU Read-Copy-Update protected context, where hlistforeachentrysafe is used without proper RCU...
Linux Distros Unpatched Vulnerability : CVE-2026-53096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but...
CVE-2026-53096
In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...
CVE-2026-53096
CVE-2026-53096 affects Linux kernel code path in BPF dev_map_redirect_multi() where DEVMAP_HASH uses hlist_for_each_entry_safe() under RCU protection. The function iterates hash buckets without rcu_dereference(), exposing risk of partially constructed nodes on weakly-ordered architectures (ARM64,...
EUVD-2026-38964
In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...
CVE-2026-53096 bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path
In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...
NewStart CGSL MAIN 6.06 : blktrace Vulnerability (NS-SA-2025-0216)
The remote NewStart CGSL host, running version MAIN 6.06, has blktrace packages installed that are affected by a vulnerability: - blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because the device and...
The vulnerability of the dev_map_delete_elem() function in the kernel/bpf/devmap.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the devmapdeleteelem function in the kernel/bpf/devmap.c module of the Linux operating system is related to writing beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...
UBUNTU-CVE-2024-56615
In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as...
CVE-2024-42063 bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark bpf prog stack with kmsanunposionmemory in interpreter mode syzbot reported uninit memory usages during maplookup,deleteelem. ========== BUG: KMSAN: uninit-value in devmaplookupelem kernel/bpf/devmap.c:441 inline BUG:...
The vulnerability of the dev_map_init_map() function in the kernel/bpf/devmap.c module of the BPF subsystem of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the devmapinitmap function in the kernel/bpf/devmap.c module of the Linux kernel’s BPF subsystem is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
SUSE CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
The vulnerability in the implementation of the dev_map_init_map and sock_map_alloc functions in the Linux kernel allows a hacker to trigger a system crash or enhance their privileges.
The vulnerability of the devmapinitmap and sockmapalloc functions in the Linux kernel exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause the system to crash or increase their privileges...
DEBIAN-CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
UBUNTU-CVE-2021-20268
An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from thi...
The vulnerability of the dev_map_read function in the input/output tracing utility Blktrace allows a attacker to cause a service failure.
The vulnerability of the devmapread function in the Blktrace input/output tracing utility is related to the operation of pushing the output data beyond the allowable buffer size in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
blktrace security update
1.0.5-9 - Fix buffer overflow in the devmapread function 1580579 Fixes CVE-2018-10689...
blktrace: buffer overflow in the dev_map_read function in btt/devmap.c
blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file...
AZL-6328 CVE-2018-10689 affecting package blktrace for versions less than 1.2.0-6
blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file...