CLSA-2026-1778080357 bpftrace: Fix of CVE-2024-2313

CVE-2024-2313: Prevent bpftrace from loading compromised Linux headers when extracting kernel headers from temporary directory...

EUVD-2024-27269

Malicious code in bioql PyPI...

EUVD-2024-27268

Malicious code in bioql PyPI...

RLSA-2024:9188 Low: bpftrace security update

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter eBPF available in recent Linux kernels 4.x. BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing...

bpftrace security update

An update is available for bpftrace. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet...

Oracle Linux 9 : bpftrace (ELSA-2024-9188)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-9188 advisory. - Fix CVE allowing unprivileged users loading of compromised linux headers RHEL-28765, CVE-2024-2313 - Fix CVE allowing unprivileged users loading of compromise...

bpftrace security update

0.21.1-1 - Rebase on bpftrace 0.21.1 - Add LLVM 18 support RHEL-28685 0.20.4-3 - Fix latest build not built in side tag 0.20.4-2 - Rebuild for bcc 0.30.0-4 0.20.4-1 - Rebase on bpftrace 0.20.4 - Fix CVE allowing unprivileged users loading of compromised linux headers RHEL-28765, CVE-2024-2313 -...

RHEL 9 : bpftrace (RHSA-2024:9188)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9188 advisory. BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter eBPF available in recent Linux kernels 4.x. BPFtrace uses LLVM as...

Low: bpftrace security update

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter eBPF available in recent Linux kernels 4.x. BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing...

ALSA-2024:9187 Low: bcc security update

BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...

bpftrace security update

An update is available for bpftrace. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet...

Low: Red Hat Security Advisory: bcc security update

An update for bcc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

bpftrace: unprivileged users can force loading of compromised linux headers

A flaw was found in BPFtrace. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bpftrace to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential...

Low: bpftrace security update

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter eBPF available in recent Linux kernels 4.x. BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing...

ALSA-2024:8831 Low: bcc security update

BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter eBPF tool. Security Fixes: bcc: unprivileged users can force loading of compromised linux headers CVE-2024-2314 For more details about t...

RHEL 8 : bcc (RHSA-2024:8831)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8831 advisory. BPF Compiler Collection BCC is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley...

If kernel headers need to be extracted bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

...

Amazon Linux 2 : bpftrace (ALAS-2024-2552)

The version of bpftrace installed on the remote host is prior to 0.12.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2552 advisory. If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker...

Low: bcc

Issue Overview: If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...

Low: bpftrace

Issue Overview: If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...