56 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-56786
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: put bpflink's program when link is safe to be deallocated In general, BPF link's...
Linux Distros Unpatched Vulnerability : CVE-2024-46754
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Remove tstrun from lwtseg6localprogops. The syzbot reported that the lwtseg6 related BPF ops can be invoked via bpftestrun without without entering...
Linux Distros Unpatched Vulnerability : CVE-2024-42063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Mark bpf prog stack with kmsanunposionmemory in interpreter mode syzbot reported uninit memory usages during maplookup,deleteelem. ========== BUG: KMSAN:...
SUSE CVE-2022-49228
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a btf decltag bug when tagging a function syzbot reported a btf decltag bug with stack trace below: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASAN KASAN:...
CVE-2025-21728 bpf: Send signals asynchronously if !preemptible
In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...
CVE-2025-21728
In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpfsendsignal kfunc, it will cause issues because this kfunc can...
CVE-2022-49548 bpf: Fix potential array overflow in bpf_trampoline_get_progs()
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpftrampolinegetprogs The cnt value in the 'cnt = BPFMAXTRAMPPROGS' check does not include BPFTRAMPMODIFYRETURN bpf programs, so the number of the attached BPFTRAMPMODIFYRETURN bpf programs in...
CVE-2022-49207 bpf, sockmap: Fix memleak in sk_psock_queue_msg
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in skpsockqueuemsg If tcpbpfsendmsg is running during a tear down operation we may enqueue data on the ingress msg queue while tear down is trying to free it. sk1 redirect sk2 sk2 -------------------...
The vulnerability of the trie_get_next_key() function in the kernel/bpf/lpm_trie.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the triegetnextkey function in the kernel/bpf/lpmtrie.c module of the Linux operating system is related to memory allocation beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of t...
CVE-2024-56592
In the Linux kernel, the following vulnerability has been resolved: bpf: Call freehtabelem after htabunlockbucket For htab of maps, when the map is removed from the htab, it may hold the last reference of the map. bpfmapfdputptr will invoke bpfmapfreeid to free the id of the removed map element...
CVE-2024-56615 bpf: fix OOB devmap writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as...
kernel: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers
In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld before calling bpf map helpers These three bpfmaplookup,update,deleteelem helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program,...
kernel: local privileges escalation in kernel/bpf/verifier.c
A flaw was found in the Linux kernel's adjustptrminmaxvals in the kernel/bpf/verifier.c function. In this flaw, a missing sanity check for ORNULL pointer types that perform pointer arithmetic may cause a kernel information leak issue...
The vulnerability of the htab_map_alloc() function in the kernel/bpf/hashtab.c module of the BPF subsystem in Linux kernel-based operating systems on 32-bit architectures allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the htabmapalloc function in the kernel/bpf/hashtab.c module of the Linux operating system’s BPF subsystem in 32-bit architectures is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...
The vulnerability of the dev_map_init_map() function in the kernel/bpf/devmap.c module of the BPF subsystem of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the devmapinitmap function in the kernel/bpf/devmap.c module of the Linux kernel’s BPF subsystem is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the bpf_map_put() function in the kernel/bpf/syscall.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the bpfmapput function in the kernel/bpf/syscall.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
kernel: bpf: Skip invalid kfunc call in backtrack_insn
In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrackinsn The verifier skips invalid kfunc call in checkkfunccall, which would be captured in fixupkfunccall if such insn is not eliminated by dead code elimination. However, this can lead to t...
SUSE CVE-2018-25020
The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...
CVE-2022-3646 Linux Kernel BPF segment.c nilfs_attach_log_writer memory leak
A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfsattachlogwriter of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply ...
UBUNTU-CVE-2022-3606
A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function findprogbysecinsn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The...