[SECURITY] Fedora 36 Update: golang-github-euank-kmsg-parser-2.0.1-9.fc36

This package contains a library to allow parsing the /dev/kmsg device in Linu x. This device provides a read-write interface to the Linux Kernel's ring buffer...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel, where a BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack. This issue occurs when the protection mechanism neglects the possibility of uninitialized memory locations on the BPF...

USN-5219-1 linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oem-5.10, linux-oracle, linux-oracle-5.11, linux-raspi vulnerability

It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

Debian DLA-2843-1 : linux - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory. - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listene...

_getFirstSample returns wrong sample if count < sampleMemory

Handle cmichel Vulnerability details The MovingAverage.sol contract defines several variables that in the end make the samples array act as a ring buffer: sampleMemory: The total length buffer size of the samples array. samples is initialized with sampleMemory zero observations. counter: The...

kernel: DoS in rb_per_cpu_empty()

A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

kernel: Linux kernel eBPF RINGBUF map oversized allocation

A flaw out of bound memory write in the Linux kernel BPF subsystem was found in the way user writes to BPF ring buffer too fast, so larger buffer than available memory could be allocated. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...

kernel: DoS in rb_per_cpu_empty()

A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

kernel: Linux kernel eBPF RINGBUF map oversized allocation

A flaw out of bound memory write in the Linux kernel BPF subsystem was found in the way user writes to BPF ring buffer too fast, so larger buffer than available memory could be allocated. A local user could use this flaw to crash the system or possibly escalate their privileges on the system...

USN-5115-1: Linux kernel (OEM) vulnerabilities

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information WiFi network traffic. CVE-2020-3702 Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF...

The vulnerability of the bpf_ringbuf_reserve() function in the Linux operating system, related to writing beyond the buffer boundaries in memory, allows a attacker to execute arbitrary code in the kernel context.

The vulnerability of the bpfringbufreserve function in the Linux operating system is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code in the kernel context...

CVE-2020-36470

An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer doe not properly limit the number of mutable references...

Rust 竞争条件问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A denial-of-service vulnerability exists in Mozilla Rust's sklose disrustor, which stems from the fact that RingBuffer does not properly limit the number of variable references, and can be exploited by attackers...

DEBIAN-CVE-2021-3679

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

AZL-6577 CVE-2021-3679 affecting package kernel for versions less than 5.10.78.1-1

A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the Linux kernel trace module functionality in versions prior to 5.14-rc3, where a user is found to have...

CVE-2021-3679

A lack of CPU resources in the Linux kernel tracing module functionality was found in the way users use the trace ring buffer in specific way. Only privileged local users with CAPSYSADMIN capability could use this flaw to starve the resources causing denial of service. Mitigation Mitigation for...

PT-2021-4148 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.14-rc3 Description: A lack of CPU resource in the Linux kernel tracing module functionality was found in the way a user uses the trace ring buffer in a specific way. Only privileged local users, with CAP SYS...

DEBIAN-CVE-2021-3489

The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee "bp...

UVI-2021-1000329 libbpf: Fix signed overflow in ringbuf_process_ring

libbpf: Fix signed overflow in ringbufprocessring This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.38 by commit...