CVE-2022-50855 bpf: prevent leak of lsm program after failed attach

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...

CVE-2022-50855 bpf: prevent leak of lsm program after failed attach

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpfprogattach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPFLSMCGROUP, we return too early if...

CVE-2022-50855

The CVE-2022-50855 entry concerns a Linux kernel issue where the BPF LSM program attached via bpf_prog_attach to cgroups could leak because the refcnt wasn’t decremented when the validation rejected the attach. The published description across Red Hat, SUSE, Ubuntu (OSV), Debian OSV, NVD, and oth...

PT-2025-53973

In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm program after failed attach In 0, we added the ability to bpf prog attach LSM programs to cgroups, but in our validation to make sure the prog is meant to be attached to BPF LSM CGROUP, we return too earl...

PT-2025-54061

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the handling of bus errors on m68k systems. Specifically, the get kernel nofault function can cause a bus error exception when logging a kernel task...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to decrement the reference count when the bpfprogattach LSM program fails, which could lead to a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992347 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pktlen Syzbot found an issue 1: fqcodeldrop try to drop ...

PT-2025-54245

Name of the Vulnerable Software and Affected Versions SoX version 14.4.2 Description SoX version 14.4.2 contains a division by zero issue when processing WAV files, potentially leading to program crashes. An attacker can provide a crafted WAV file to trigger a floating point exception due to...

CVE-2025-65411

A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the searchpath parameter...

Syntecxhub_SQL_Injection_Scanner

SyntecxhubSQLInjectionScanner A...

Linux Distros Unpatched Vulnerability : CVE-2025-68355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not b...

bpf: Fix invalid prog->stats access when update_effective_progs fails

...

SUSE CVE-2025-68355

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not be reclaimed, just like the memory leak problem reported by syzbot 1...

EUVD-2025-205220

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog-stats access when updateeffectiveprogs fails Syzkaller triggers an invalid memory access issue following fault injection in updateeffectiveprogs. The issue can be described as follows: cgroupbpfdetach...

CVE-2025-68742

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog-stats access when updateeffectiveprogs fails Syzkaller triggers an invalid memory access issue following fault injection in updateeffectiveprogs. The issue can be described as follows: cgroupbpfdetach...

CVE-2025-68742 bpf: Fix invalid prog->stats access when update_effective_progs fails

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog-stats access when updateeffectiveprogs fails Syzkaller triggers an invalid memory access issue following fault injection in updateeffectiveprogs. The issue can be described as follows: cgroupbpfdetach...

CVE-2025-68742

CVE-2025-68742: In the Linux kernel, a fault injection in update_effective_progs can cause a BPF prog to be replaced with a dummy prog, leading to a NULL dereference when a softirq runs and accesses prog->stats. The fix prevents updating stats if stats is NULL, avoiding the invalid memory acce...

CVE-2025-68742 bpf: Fix invalid prog->stats access when update_effective_progs fails

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog-stats access when updateeffectiveprogs fails Syzkaller triggers an invalid memory access issue following fault injection in updateeffectiveprogs. The issue can be described as follows: cgroupbpfdetach...

CVE-2025-68355

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not be reclaimed, just like the memory leak problem reported by syzbot 1...

UBUNTU-CVE-2025-68355

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not be reclaimed, just like the memory leak problem reported by syzbot 1...