248 matches found
CVE-2024-27050
Summary (CVE-2024-27050): In the Linux kernel libbpf code, the bpf_xdp_query_opts struct gained fields feature_flags and xdp_zc_max_segs. The code updating these fields did not use the OPTS_SET() macro, causing writes to the fields unconditionally and risking stack corruption for programs built a...
CVE-2024-27050 libbpf: Use OPTS_SET() macro in bpf_xdp_query()
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTSSET macro in bpfxdpquery When the featureflags and xdpzcmaxsegs fields were added to the libbpf bpfxdpqueryopts, the code writing them did not use the OPTSSET macro. This causes libbpf to write to those fields...
CVE-2024-27050
In the Linux kernel, the following vulnerability has been resolved: libbpf: Use OPTSSET macro in bpfxdpquery When the featureflags and xdpzcmaxsegs fields were added to the libbpf bpfxdpqueryopts, the code writing them did not use the OPTSSET macro. This causes libbpf to write to those fields...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from libbpf out-of-bounds writes...
PT-2024-28073 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a null-pointer dereference in the libbpf component of the Linux kernel. Specifically, in the bpf objec load prog function, there is no guarantee that obj-btf is...
CVE-2023-52592
This CVE ID is rejected/withdrawn and does not represent an active vulnerability entry.
CVE-2023-52592
Removed by vendor...
PT-2024-14637 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue occurred in the libbpf component of the Linux kernel, specifically in the bpf object collect prog relos function. Recommendations: At the moment, there...
openSUSE: Security Advisory for libbpf (SUSE-SU-2023:0405-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the btf_dump_name_dups() function in the tools/lib/bpf/btf_dump.c library of the libbpf library (Berkeley Packet Filters) in the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the libbpf library Berkeley Packet Filters in the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
Ubuntu 20.04 ESM : LibBPF vulnerabilities (USN-5759-2)
The remote Ubuntu 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5759-2 advisory. USN-5759-1 fixed vulnerabilities in LibBPF. This update provides the corresponding updates for Ubuntu 20.04 ESM. Tenable has extracted the preceding...
CLSA-2023-1693904331 Fix of 11 CVEs
Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...
CLSA-2023-1693827322 Fix of 9 CVEs
Jammy update: v5.15.86 upstream stable release LP: 2005113 // CVE-url: https://ubuntu.com/security/CVE-2022-3606 - libbpf: Fix null-pointer dereference in findprogbysecinsn Jammy update: v5.15.87 upstream stable release LP: 2007441 // CVE-url: https://ubuntu.com/security/CVE-2023-23454 - net:...
Possibility of deadlock in libbpf function sock_hash_delete_elem
...
Linux Kernel BPF libbpf.c find_prog_by_sec_insn null pointer dereference
...
Ubuntu 18.04 ESM / 20.04 LTS : dwarves vulnerabilities (USN-6215-1)
The remote Ubuntu 18.04 ESM / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6215-1 advisory. It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2335)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libbpf bug fix and enhancement update
An update is available for libbpf. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.2...
Important Photon OS Security Update - PHSA-2023-4.0-0377
Updates of 'libbpf' packages of Photon OS have been released...
Mageia: Security Advisory (MGASA-2023-0008)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...