Lucene search
K

17 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed incorrect pruning due to atomic fetch precision tracking When backtrackinsn encounters a BPFSTX instruction with BPFATOMIC and BPFFETCH, the src register or r0 for BPFCMPXCHG also acts as a destination, thereby receivi...

7.8CVSS5.9AI score0.00134EPSS
Exploits0References1
NVD
NVD
added 2026/06/02 4:16 p.m.10 views

CVE-2026-45679

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate...

6.5CVSS0.00212EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992606)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992606 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference ...

4.7CVSS5.2AI score0.00101EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/05/21 12:46 a.m.11 views

SUSE CVE-2025-37963

In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Support for eBPF programs loaded by unprivileged users is typically disabled. This means only cBPF programs need to be mitigated for BHB. In addition, only...

2.5CVSS6.3AI score0.00158EPSS
Exploits0References23
OSV
OSV
added 2025/05/01 3:16 p.m.2 views

DEBIAN-CVE-2022-49873

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type conversion in releasereference Some helper functions will allocate memory. To avoid memory leaks, the verifier requires the eBPF program to release these memories by calling the corresponding helper...

5.5CVSS5.6AI score0.00183EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/11/26 12:55 a.m.3 views

kernel: Linux ebpf logic vulnerability leads to critical memory read and write gaining root privileges

A flaw was found in unrestricted eBPF usage by the BPFBTFLOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system...

7.8CVSS6.8AI score0.00346EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: bpf: Make bpf_refcount_acquire fallible for non-owning refs

A memory-safety flaw was found in the Linux kernel extended Berkeley Packet Filter eBPF subsystem in the way reference counts are acquired for objects after a failed tree insertion. When a program attempts to acquire a reference to a node that may already have been released, the reference count...

7.8CVSS7.2AI score0.0014EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2024/04/10 9:26 a.m.57 views

Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection BHI, can be used to leak arbitrary kernel...

7.1AI score0.08555EPSS
Exploits0
Amazon
Amazon
added 2023/06/28 12:0 a.m.13 views

Important: kernel

Issue Overview: A flaw was found in the x86 KVM subsystem in kvmstealtimesetpreempted in arch/x86/kvm/x86.c in the Linux kernel. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVMVCPUPREEMPTED situations. CVE-2022-39189 In the Linux...

7.8CVSS6.5AI score0.00532EPSS
Exploits3
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.15 views

Linux kernel 信息泄露漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an information disclosure vulnerability that stems from a vulnerability found in the Linux kernel's eBPF validation program when dealing with...

5.5CVSS6.8AI score0.00255EPSS
Exploits0References8
OSV
OSV
added 2022/01/25 4:15 p.m.9 views

UBUNTU-CVE-2021-34866

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling o...

8.8CVSS7.5AI score0.00972EPSS
Exploits0References3
OSV
OSV
added 2021/09/22 2:9 p.m.5 views

USN-5086-1 linux, linux-hwe, linux-hwe-5.11, linux-hwe-5.4 vulnerability

Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

6AI score
Exploits0References2
OSV
OSV
added 2021/06/23 5:10 a.m.10 views

USN-5003-1 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 It was discovered that the eBPF implementation in the Linux kernel...

7.8CVSS7AI score0.00482EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2021/06/08 10:44 p.m.4 views

kernel: Speculation on pointer arithmetic against bpf_context pointer

A flaw was found in the Linux kernels eBPF verification code. By default accessing the eBPF verifier is only accessible to privileged users with CAPSYSADMIN. A local user with the ability to insert eBPF instructions can use the eBPF verifier to abuse a spectre like flaw where they can infer all...

4.7CVSS6.7AI score0.00565EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/06/10 12:0 a.m.44 views

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3005-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3005-1 advisory. Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use th...

7.8CVSS7.1AI score0.06438EPSS
Exploits6References11
Tenable Nessus
Tenable Nessus
added 2016/06/10 12:0 a.m.52 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3006-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3006-1 advisory. Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use th...

7.8CVSS7.1AI score0.06438EPSS
Exploits6References11
OSV
OSV
added 2016/05/06 8:32 p.m.6 views

USN-2965-3 linux-raspi2 vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

10CVSS6.9AI score0.2593EPSS
Exploits32References16
Rows per page
Query Builder