53 matches found
kernel: local escalation of privileges in handling of eBPF programs
An out-of-bounds access flaw was found in the Linux kernel’s implementation of the eBPF code verifier, where an incorrect register bounds calculation occurs while checking unsigned 32-bit instructions in an eBPF program. By default accessing the eBPF verifier is only accessible to privileged use...
kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory
A vulnerability was discovered in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism to mitigate speculatively out-of-bounds loads (Spectre mitigation). In this flaw a local, special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection,...
DEBIAN-CVE-2021-3490
The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e "bpf: Fix...
Exploit for Improper Access Control in Xen
kernelexploitfactory Keep updating...... Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore. This repository is to extract all Linux kernel exploit and relative debug environment. The test is on...
kernel: Faulty computation of numeric bounds in the BPF verifier
A security flaw was found in the Linux kernel in the adjust_scalar_min_max_vals function in kernel/bpf/verifier.c. A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because this function mishandles 32-bit right shifts. A local unprivileged user cannot...
DEBIAN-CVE-2017-17853
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations...
DEBIAN-CVE-2017-17864
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."...
DEBIAN-CVE-2017-17852
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops...
CVE-2017-17856
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement...
UBUNTU-CVE-2017-17854
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...
CVE-2017-17854
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...
Linux kernel denial of service vulnerability (CNVD-2017-38516)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the check_stack_boundary function in kernel/bpf/verifier.c in Linux kernel...
Linux kernel denial of service vulnerability (CNVD-2017-38513)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in kernel/bpf/verifier.c in Linux kernel versions 4.14.8 and earlier due to ...