CVE-2021-45402

CVE-2021-45402 affects the Linux kernel where check_alu_op() in kernel/bpf/verifier.c does not update bounds properly when handling mov32, enabling local attackers to leak potentially sensitive addresses (pointer leak). The description is consistently cited across multiple connected advisories (e...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5755)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5755 advisory. - p54usb: Fix race between disconnect and firmware loading Alan Stern Orabug: 31351863 CVE-2019-15220 - media: rc: prevent memory leak in cx23888irprob...

CVE-2019-7308

A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel. The code in the kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize,...

CVE-2019-7308

CVE-2019-7308 affects the Linux kernel’s BPF verifier in kernel/bpf/verifier.c prior to 4.20.6. The issue is undesirable out-of-bounds speculation on pointer arithmetic across branches with different state/limits, enabling potential side-channel attacks. Public sources in connected documents cons...