618 matches found
CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
DEBIAN-CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
UBUNTU-CVE-2025-37948
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
CVE-2025-37948 arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs
In the Linux kernel, the following vulnerability has been resolved: arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. On exit from a BPF program, emit the BHB...
PT-2025-22209
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A malicious BPF program may manipulate the branch history to influence what the hardware speculates will happen next. The issue is resolved by adding BHB mitigation to the epilogue for...
CVE-2023-53076
No description is available for this CVE...
CVE-2023-53076
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2023-53076
...
CVE-2023-53076
CVE-2023-53076 is rejected/not used and does not represent an active vulnerability entry.
RockyLinux 9 : oci-seccomp-bpf-hook (RLSA-2024:9277)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9277 advisory. golang: net: malformed DNS message can cause infinite loop CVE-2024-24788 Tenable has extracted the preceding description block directly from the RockyLinux...
oci-seccomp-bpf-hook security update
An update is available for oci-seccomp-bpf-hook. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OCI Hook to generate seccomp json files based on EBF syscalls us...
Linux Landlock Disable
A logic bug was discovered in Linux that makes it possible for a process to get rid of all Landlock restrictions applied to it. I found a logic bug that makes it possible for a process to get rid of all Landlock restrictions applied to it: When a process' cred struct is replaced, this almost alwa...
SUSE CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
DEBIAN-CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
UBUNTU-CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-21834
Summary (mode C): CVE-2025-21834 relates to the Linux kernel where a seccomp passthrough for uretprobe systemcalls was not filtered. When uretprobes are attached to processes in Docker, the retprobe can cause the traced process to segfault because the default seccomp filters block this kernel-int...
CVE-2025-21834 seccomp: passthrough uretprobe systemcall without filtering
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-21834 seccomp: passthrough uretprobe systemcall without filtering
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...
CVE-2025-21834
In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attached process is segfaulted when encountering the retprobe. The reason is that now that uretprobe is...