4 matches found
Linux - Kernel Pointer Leak via BPF
/ Commit 82abbf8d2fc46d79611ab58daa7c608df14bb3ee "bpf: do not allow root to mangle valid pointers", first in v4.15 included the following snippet: ========= @@ -2319,43 +2307,29 @@ static int adjustregminmaxvalsstruct bpfverifierenv env, if srcreg-type != SCALARVALUE if dstreg-type != SCALARVALU...
Linux - Kernel Pointer Leak via BPF
Linux - Kernel Pointer Leak via BPF / Commit 82abbf8d2fc46d79611ab58daa7c608df14bb3ee "bpf: do not allow root to mangle valid pointers", first in v4.15 included the following snippet: ========= @@ -2319,43 +2307,29 @@ static int adjustregminmaxvalsstruct bpfverifierenv env, if srcreg-type !=...
Null pointer dereference
On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...
CVE-2017-1000255
On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...