Lucene search
K

164 matches found

Vulnrichment
Vulnrichment
added 2025/02/27 2:18 a.m.7 views

CVE-2024-49570 drm/xe/tracing: Fix a potential TP_printk UAF

In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...

7.5AI score0.0021EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.6 views

The vulnerability of the Linux operating system’s kernel tracing component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel tracing component is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.9AI score0.00255EPSS
Exploits0References43Affected Software6
AstraLinux
AstraLinux
added 2025/02/06 4:28 p.m.2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 "tracing: tprobe-events: Fix leakage of module refcount" moved trymoduleget from findtracepointmodulecb to findtracepoint caller, but that introduced a...

6.4AI score0.0025EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.9 views

The vulnerability of the Linux operating system’s kernel tracing component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel tracing component is related to improper blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00283EPSS
Exploits0References15Affected Software8
SUSE CVE
SUSE CVE
added 2025/01/22 3:49 a.m.4 views

SUSE CVE-2024-57930

In the Linux kernel, the following vulnerability has been resolved: tracing: Have processstring also allow arrays In order to catch a common bug where a TRACEEVENT TPfastassign assigns an address of an allocated string to the ring buffer and then references it in TPprintk, which can be executed...

4.7CVSS7.8AI score0.00198EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2024/12/12 8:0 a.m.3 views

tracing/timerlat: Fix a race during cpuhp processing

...

4.7CVSS6.7AI score0.00172EPSS
Exploits0
OSV
OSV
added 2024/12/06 3:23 p.m.5 views

OESA-2024-2502 bcc security update

BCC is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples. It makes use of extended BPF Berkeley Packet Filters, formally known as eBPF, a new feature that was first added to Linux 3.15. BCC makes BPF programs easier to write,...

2.8CVSS6.7AI score0.00218EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/12 9:1 a.m.17 views

Low: Red Hat Security Advisory: bcc security update

An update for bcc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

2.8CVSS5.7AI score0.00218EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.10 views

RHEL 9 : bcc (RHSA-2024:9187)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9187 advisory. BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley...

2.8CVSS4.9AI score0.00218EPSS
Exploits0References8
OSV
OSV
added 2024/11/08 3:56 p.m.10 views

RLSA-2024:8831 Low: bcc security update

BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...

2.8CVSS4.1AI score0.00218EPSS
Exploits0References2
AlmaLinux
AlmaLinux
added 2024/11/05 12:0 a.m.19 views

Low: bcc security update

BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...

2.8CVSS6.7AI score0.00218EPSS
Exploits0References4
OSV
OSV
added 2024/11/05 12:0 a.m.8 views

ALSA-2024:8831 Low: bcc security update

BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...

2.8CVSS4AI score0.00218EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/10/23 12:0 a.m.8 views

The vulnerability of the ftrace_location() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ftracelocation function in the kernel/trace/ftrace.c module of the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.5AI score0.00239EPSS
Exploits0References37Affected Software7
SUSE CVE
SUSE CVE
added 2024/08/27 2:24 a.m.2 views

SUSE CVE-2024-43891

In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...

4.7CVSS7.6AI score0.00225EPSS
Exploits0References3
OSV
OSV
added 2024/08/12 1:38 p.m.6 views

CVE-2024-6760

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

7.5CVSS5.8AI score0.00741EPSS
Exploits0References2
NVD
NVD
added 2024/08/12 1:38 p.m.33 views

CVE-2024-6760

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

7.5CVSS0.00741EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/11 2:40 a.m.16 views

CVE-2024-6760 ktrace(2) fails to detach when executing a setuid binary

A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...

6.8AI score0.00741EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.5 views

kernel: tracing: Restructure trace_clock_global() to never block

In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...

5.5CVSS6.9AI score0.00246EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.13 views

PT-2024-37854 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A logic bug in the code disables kernel tracing for setuid programs, allowing unprivileged users to trace and inspect the behavior of setuid programs. This bug may be used by an...

7.5CVSS6.8AI score0.00741EPSS
Exploits0References9
FreeBSD Advisory
FreeBSD Advisory
added 2024/08/07 12:0 a.m.18 views

FreeBSD-SA-24:06.ktrace

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:06.ktrace Security Advisory The FreeBSD Project Topic: ktrace2 fails to detach when executing a setuid binary Category: core Module: ktrace Announced:...

7.5CVSS5.9AI score0.00741EPSS
Exploits0
Rows per page
Query Builder