14 matches found
EUVD-2026-18200
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
DEBIAN-CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
UBUNTU-CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2026-23417
CVE-2026-23417 affects the Linux kernel BPF component where PROBE_MEM32 immediate stores (BPF_ST|BPF_PROBE_MEM32) were not blinded by the JIT constant-blinding path. The root cause is that convert_ctx_accesses() rewrites BPF_ST|BPF_MEM to BPF_ST|BPF_PROBE_MEM32 during verification, but the blindi...
PT-2026-29724
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBE MEM32 stores BPF ST | BPF PROBE MEM32 immediate stores are not handled by bpf jit blind insn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2025-71270
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
CVE-2025-38538
In the Linux kernel, the following vulnerability has been resolved: dmaengine: nbpfaxi: Fix memory corruption in probe The nbpf-chan array is allocated earlier in the nbpfprobe function and it has "numchannels" elements. These three loops iterate one element farther than they should and corrupt...
AZL-56294 CVE-2024-56702 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...
DEBIAN-CVE-2024-56702
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...
UBUNTU-CVE-2024-56702
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...
CVE-2024-56702 bpf: Mark raw_tp arguments with PTR_MAYBE_NULL
In the Linux kernel, the following vulnerability has been resolved: bpf: Mark rawtp arguments with PTRMAYBENULL Arguments to a raw tracepoint are tagged as trusted, which carries the semantics that the pointer will be non-NULL. However, in certain cases, a raw tracepoint argument may end up being...
Vulnerabilities of Linux operating system components and the kernel, which allow attackers to trigger service failures
The vulnerability of AMD components and the Linux operating system’s kernel is related to a memory leak in the amdsofacpprobe function. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2009-0605
Stack consumption vulnerability in the dopagefault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service memory corruption or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered...