Lucene search
K

56 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-56786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: put bpflink's program when link is safe to be deallocated In general, BPF link's...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-46754

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Remove tstrun from lwtseg6localprogops. The syzbot reported that the lwtseg6 related BPF ops can be invoked via bpftestrun without without entering...

5.5CVSS6.5AI score0.00205EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-42063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Mark bpf prog stack with kmsanunposionmemory in interpreter mode syzbot reported uninit memory usages during maplookup,deleteelem. ========== BUG: KMSAN:...

5.5CVSS6.5AI score0.00222EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/02/27 3:10 a.m.2 views

SUSE CVE-2022-49228

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...

5.5CVSS6.9AI score0.00243EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/27 2:7 a.m.14 views

CVE-2025-21728 bpf: Send signals asynchronously if !preemptible

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

0.00182EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/02/27 2:7 a.m.4 views

CVE-2025-21728

In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...

5.5CVSS5.6AI score0.00182EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/26 2:13 a.m.14 views

CVE-2022-49548 bpf: Fix potential array overflow in bpf_trampoline_get_progs()

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpftrampolinegetprogs The cnt value in the 'cnt = BPFMAXTRAMPPROGS' check does not include BPFTRAMPMODIFYRETURN bpf programs, so the number of the attached BPFTRAMPMODIFYRETURN bpf programs in...

0.00288EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/02/26 1:55 a.m.4 views

CVE-2022-49207 bpf, sockmap: Fix memleak in sk_psock_queue_msg

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down operation we may enqueue data on the ingress msg queue while tear down is trying to free it. sk1 redirect sk2 sk2 -------------------...

6.3AI score0.00252EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.8 views

The vulnerability of the trie_get_next_key() function in the kernel/bpf/lpm_trie.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the triegetnextkey function in the kernel/bpf/lpmtrie.c module of the Linux operating system is related to memory allocation beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...

7.8CVSS6.9AI score0.00267EPSS
Exploits0References27Affected Software7
RedhatCVE
RedhatCVE
added 2024/12/29 2:45 p.m.10 views

CVE-2024-56592

In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the htab, it may hold the last reference of the map. bpfmapfdputptr will invoke bpfmapfreeid to free the id of the removed map element...

5.5CVSS6.8AI score0.00213EPSS
Exploits0References4
OSV
OSV
added 2024/12/27 2:51 p.m.9 views

CVE-2024-56615 bpf: fix OOB devmap writes when deleting elements

In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as...

7.8CVSS5.9AI score0.00257EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.3 views

kernel: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld before calling bpf map helpers These three bpfmaplookup,update,deleteelem helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program,...

7.8CVSS6.7AI score0.00238EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.4 views

kernel: local privileges escalation in kernel/bpf/verifier.c

A flaw was found in the Linux kernel's adjustptrminmaxvals in the kernel/bpf/verifier.c function. In this flaw, a missing sanity check for ORNULL pointer types that perform pointer arithmetic may cause a kernel information leak issue...

7.8CVSS6.8AI score0.0193EPSS
Exploits5References5
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.5 views

The vulnerability of the htab_map_alloc() function in the kernel/bpf/hashtab.c module of the BPF subsystem in Linux kernel-based operating systems on 32-bit architectures allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the htabmapalloc function in the kernel/bpf/hashtab.c module of the Linux operating system’s BPF subsystem in 32-bit architectures is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS6.7AI score0.00251EPSS
Exploits0References50Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.6 views

The vulnerability of the dev_map_init_map() function in the kernel/bpf/devmap.c module of the BPF subsystem of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the devmapinitmap function in the kernel/bpf/devmap.c module of the Linux kernel’s BPF subsystem is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS6.6AI score0.00248EPSS
Exploits0References44Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/03/11 12:0 a.m.6 views

The vulnerability of the bpf_map_put() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bpfmapput function in the kernel/bpf/syscall.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

7.8CVSS6.4AI score0.00248EPSS
Exploits0References22Affected Software3
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: bpf: Skip invalid kfunc call in backtrack_insn

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrackinsn The verifier skips invalid kfunc call in checkkfunccall, which would be captured in fixupkfunccall if such insn is not eliminated by dead code elimination. However, this can lead to t...

5.5CVSS6.8AI score0.00229EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:20 a.m.4 views

SUSE CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

7.8CVSS6.4AI score0.00505EPSS
Exploits0References23
Vulnrichment
Vulnrichment
added 2022/10/21 12:0 a.m.6 views

CVE-2022-3646 Linux Kernel BPF segment.c nilfs_attach_log_writer memory leak

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfsattachlogwriter of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply ...

3.1CVSS5AI score0.00812EPSS
Exploits0References4
OSV
OSV
added 2022/10/19 9:15 a.m.5 views

UBUNTU-CVE-2022-3606

A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function findprogbysecinsn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The...

5.5CVSS5.1AI score0.00315EPSS
Exploits0References5
Rows per page
Query Builder