4535 matches found
SUSE CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
EUVD-2026-18200
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
DEBIAN-CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
UBUNTU-CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2026-23417
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBEMEM32 stores BPFST | BPFPROBEMEM32 immediate stores are not handled by bpfjitblindinsn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
CVE-2026-23417
CVE-2026-23417 affects the Linux kernel BPF component where PROBE_MEM32 immediate stores (BPF_ST|BPF_PROBE_MEM32) were not blinded by the JIT constant-blinding path. The root cause is that convert_ctx_accesses() rewrites BPF_ST|BPF_MEM to BPF_ST|BPF_PROBE_MEM32 during verification, but the blindi...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bpf not performing constant obfuscation on the PROBEMEM32 storage mechanism. This vulnerability m...
PT-2026-29724
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBE MEM32 stores BPF ST | BPF PROBE MEM32 immediate stores are not handled by bpf jit blind insn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...
GHSA-324Q-CWX9-7CRR KubeAI: OS Command Injection via Model URL in Ollama Engine startup probe allows arbitrary command execution in model pods
CHAMP: Description Summary The ollamaStartupProbeScript function in internal/modelcontroller/engineollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components ref, modelParam. This shell command is executed via bash -c as a Kubernetes startup probe. An...
KubeAI: OS Command Injection via Model URL in Ollama Engine startup probe allows arbitrary command execution in model pods
CHAMP: Description Summary The ollamaStartupProbeScript function in internal/modelcontroller/engineollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components ref, modelParam. This shell command is executed via bash -c as a Kubernetes startup probe. An...
PT-2026-29827
CHAMP: Description Summary The ollamaStartupProbeScript function in internal/modelcontroller/engine ollama.go constructs a shell command string using fmt.Sprintf with unsanitized model URL components ref, modelParam. This shell command is executed via bash -c as a Kubernetes startup probe. An...
[SECURITY] Fedora 44 Update: rust-openssl-probe-0.2.1-1.fc44
A library for helping to find system-wide trust anchor "root" certificate locations based on paths typically used by openssl...
[SECURITY] Fedora 44 Update: rust-openssl-probe0.1-0.1.6-1.fc44
Tool for helping to find SSL certificate locations on the system for OpenSSL...
Linux Distros Unpatched Vulnerability : CVE-2026-23305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could ...
Fedora 44 : python-uv-build / rust-ambient-id / rust-astral-reqwest-middleware / etc (2026-b8b59dcf44)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-b8b59dcf44 advisory. Update uv and python-uv-build to 0.11.2. Version 0.11 includes changes to the networking stack used by uv. While its developers think that breakage will be...
CVE-2026-33396
OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.35, a low-privileged authenticated user ProjectMember can achieve remote command execution on the Probe container/host by abusing Synthetic Monitor Playwright script execution. Synthetic monitor code is...
OESA-2026-1762 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb The syzbot fuzzer identified a problem in the usbnet driver: usb 1-1: BOGUS urb xfer, pipe 3 != type 1...
CVE-2026-32705
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the BST telemetry probe writes a string terminator using a device-provided length without bounds. A malicious BST device can report an oversized devnamelen, causing a stack overflow in the driver and crashing the task or...