Lucene search
K

53 matches found

RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.4 views

kernel: local escalation of privileges in handling of eBPF programs

An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation while checking unsigned 32-bit instructions in an eBPF program occurs.. By default accessing the eBPF verifier is only accessible to privileged use...

8.8CVSS7.3AI score0.01754EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2021/11/09 5:26 p.m.4 views

kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory

A vulnerability was discovered in retrieveptrlimit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads Spectre mitigation. In this flaw a local, special user privileged CAPSYSADMIN BPF program running on affected systems may bypass the protection,...

5.5CVSS6.8AI score0.01071EPSS
Exploits0References5
OSV
OSV
added 2021/06/04 2:15 a.m.4 views

DEBIAN-CVE-2021-3490

The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...

7.8CVSS6.9AI score0.27477EPSS
Exploits8References1
Gitee
Gitee
added 2021/01/24 10:46 a.m.87 views

Exploit for Improper Access Control in Xen

kernelexploitfactory Keep updating...... Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore. This repository is to extract all Linux kernel exploit and relative debug environment. The test is on...

8.2CVSS7.1AI score0.30052EPSS
Exploits25
RedHat Linux
RedHat Linux
added 2019/03/13 6:46 p.m.5 views

kernel: Faulty computation of numberic bounds in the BPF verifier

A security flaw was found in the Linux kernel in the adjustscalarminmaxvals function in kernel/bpf/verifier.c. A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because this function mishandles 32-bit right shifts. A local unprivileged user cannot...

7.8CVSS7AI score0.00533EPSS
Exploits0References4
OSV
OSV
added 2017/12/27 5:8 p.m.0 views

DEBIAN-CVE-2017-17853

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging incorrect BPFRSH signed bounds calculations...

7.8CVSS6.7AI score0.00373EPSS
Exploits0References1
OSV
OSV
added 2017/12/27 5:8 p.m.1 views

DEBIAN-CVE-2017-17864

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles statesequal comparisons between the pointer data type and the UNKNOWNVALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."...

3.3CVSS7.3AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2017/12/27 5:8 p.m.0 views

DEBIAN-CVE-2017-17852

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops...

7.8CVSS7.1AI score0.00358EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/12/27 5:8 p.m.2 views

CVE-2017-17856

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement...

7.8CVSS8.4AI score0.00393EPSS
Exploits0References5
OSV
OSV
added 2017/12/27 5:8 p.m.2 views

UBUNTU-CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...

7.8CVSS6.9AI score0.00388EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/12/27 5:8 p.m.3 views

CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...

7.8CVSS8.4AI score0.00388EPSS
Exploits0References5
CNVD
CNVD
added 2017/12/25 12:0 a.m.3 views

Linux kernel denial of service vulnerability (CNVD-2017-38516)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the checkstackboundary function in kernel/bpf/verifier.c in Linux kernel...

7.8CVSS7.3AI score0.00393EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/25 12:0 a.m.2 views

Linux kernel denial of service vulnerability (CNVD-2017-38513)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in kernel/bpf/verifier.c in Linux kernel versions 4.14.8 and earlier due to ...

7.8CVSS7.3AI score0.00382EPSS
Exploits1References1
Rows per page
Query Builder