164 matches found
CVE-2024-49570 drm/xe/tracing: Fix a potential TP_printk UAF
In the Linux kernel, the following vulnerability has been resolved: drm/xe/tracing: Fix a potential TPprintk UAF The commit afd2627f727b "tracing: Check "%s" dereference via the field and not the TPprintk format" exposes potential UAFs in the xebomove trace event. Fix those by avoiding...
The vulnerability of the Linux operating system’s kernel tracing component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel tracing component is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 "tracing: tprobe-events: Fix leakage of module refcount" moved trymoduleget from findtracepointmodulecb to findtracepoint caller, but that introduced a...
The vulnerability of the Linux operating system’s kernel tracing component, which allows a hacker to trigger a service failure
The vulnerability of the Linux operating system’s kernel tracing component is related to improper blocking. Exploiting this vulnerability can allow an attacker to cause a service failure...
SUSE CVE-2024-57930
In the Linux kernel, the following vulnerability has been resolved: tracing: Have processstring also allow arrays In order to catch a common bug where a TRACEEVENT TPfastassign assigns an address of an allocated string to the ring buffer and then references it in TPprintk, which can be executed...
tracing/timerlat: Fix a race during cpuhp processing
...
OESA-2024-2502 bcc security update
BCC is a toolkit for creating efficient kernel tracing and manipulation programs, and includes several useful tools and examples. It makes use of extended BPF Berkeley Packet Filters, formally known as eBPF, a new feature that was first added to Linux 3.15. BCC makes BPF programs easier to write,...
Low: Red Hat Security Advisory: bcc security update
An update for bcc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
RHEL 9 : bcc (RHSA-2024:9187)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9187 advisory. BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley...
RLSA-2024:8831 Low: bcc security update
BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...
Low: bcc security update
BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...
ALSA-2024:8831 Low: bcc security update
BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...
The vulnerability of the ftrace_location() function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ftracelocation function in the kernel/trace/ftrace.c module of the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...
SUSE CVE-2024-43891
In the Linux kernel, the following vulnerability has been resolved: tracing: Have format file honor EVENTFILEFLFREED When eventfs was introduced, special care had to be done to coordinate the freeing of the file meta data with the files that are exposed to user space. The file meta data would hav...
CVE-2024-6760
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...
CVE-2024-6760
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...
CVE-2024-6760 ktrace(2) fails to detach when executing a setuid binary
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs. The bug may be used by an unprivileged user to read the contents of files to which...
kernel: tracing: Restructure trace_clock_global() to never block
In the Linux kernel, the following vulnerability has been resolved: tracing: Restructure traceclockglobal to never block It was reported that a fix to the ring buffer recursion detection would cause a hung machine when performing suspend / resume testing. The following backtrace was extracted fro...
PT-2024-37854 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A logic bug in the code disables kernel tracing for setuid programs, allowing unprivileged users to trace and inspect the behavior of setuid programs. This bug may be used by an...
FreeBSD-SA-24:06.ktrace
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-24:06.ktrace Security Advisory The FreeBSD Project Topic: ktrace2 fails to detach when executing a setuid binary Category: core Module: ktrace Announced:...