Lucene search
K

61 matches found

OSV
OSV
added 2025/05/02 3:56 p.m.9 views

CVE-2023-53135 riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode

In the Linux kernel, the following vulnerability has been resolved: riscv: Use READONCENOCHECK in imprecise unwinding stack mode When CONFIGFRAMEPOINTER is unset, the stack unwinding function walkstackframe randomly reads the stack and then, when KASAN is enabled, it can lead to the following...

7.1CVSS4.8AI score0.00159EPSS
Exploits0References9
CVE
CVE
added 2025/05/02 3:56 p.m.78 views

CVE-2023-53135

The CVE-2023-53135 entry describes a Linux kernel vulnerability in riscv where, if CONFIG_FRAME_POINTER is unset, the stack unwinding function walk_stackframe may read the stack non-atomically in imprecise unwinding mode, enabling a KASAN-detected stack-out-of-bounds condition. The identified fix...

7.1CVSS6.3AI score0.00159EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/05/02 3:56 p.m.13 views

CVE-2023-53135 riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode

In the Linux kernel, the following vulnerability has been resolved: riscv: Use READONCENOCHECK in imprecise unwinding stack mode When CONFIGFRAMEPOINTER is unset, the stack unwinding function walkstackframe randomly reads the stack and then, when KASAN is enabled, it can lead to the following...

0.00159EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/02 12:0 a.m.4 views

PT-2025-18899 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: The issue is related to the Linux kernel's stack unwinding function, walk stackframe, which can lead to a stack-out-of-bounds error when CONFIG FRAME POINTER is unset and KASAN is...

5.1AI score0.00159EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2024/05/23 3:23 p.m.3 views

SUSE CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpfthrow kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one...

5.5CVSS5.2AI score0.00246EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/05/23 11:12 a.m.34 views

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpfthrow kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one...

5.5CVSS6.6AI score0.00246EPSS
Exploits0References4
CVE
CVE
added 2024/05/21 3:31 p.m.84 views

CVE-2023-52828

CVE-2023-52828 (Linux kernel) : The vulnerability arises from BPF verifier handling after a bpf_throw call. Because bpf_throw is the first noreturn call in the verifier, dead code elimination causes subsequent instructions to be treated as unseen, which can affect stack unwinding when a program t...

6.6CVSS6.2AI score0.00246EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/21 3:31 p.m.24 views

CVE-2023-52828 bpf: Detect IP == ksym.end as part of BPF program

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpfthrow kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one...

6.7AI score0.00246EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/09/16 12:0 a.m.3 views

PT-2023-9747 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the BPF Berkeley Packet Filter program in the Linux kernel. When the bpf throw kfunc is called, it triggers dead code elimination in an unprecedented way, causi...

6.6CVSS5.4AI score0.00246EPSS
Exploits0References28
Kitploit
Kitploit
added 2023/04/09 12:30 p.m.34 views

SilentMoonwalk - PoC Implementation Of A Fully Dynamic Call Stack Spoofer

PoC Implementation of a fully dynamic call stack spoofer TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the...

7.2AI score
Exploits0References7
OpenVAS
OpenVAS
added 2021/07/30 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:14771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.03622EPSS
Exploits0References4
OSV
OSV
added 2021/07/29 11:36 a.m.5 views

SUSE-SU-2021:14771-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - CVE-2019-20218: Fixed a stack unwinding flaw in the selectExpander after a parsing error. bsc1160439...

7.5CVSS8.1AI score0.03622EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/07/15 12:0 a.m.44 views

SUSE: Security Advisory (SUSE-SU-2021:2320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.0825EPSS
Exploits3References24
RedHat Linux
RedHat Linux
added 2020/11/04 12:58 a.m.6 views

sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error...

7.5CVSS7.4AI score0.03622EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.40 views

EulerOS Virtualization 3.0.2.2 : sqlite (EulerOS-SA-2020-2197)

According to the versions of the sqlite package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the...

7.5CVSS7.3AI score0.07856EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.247 views

EulerOS 2.0 SP2 : sqlite (EulerOS-SA-2020-1624)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect...

9.8CVSS7.9AI score0.07856EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.61 views

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2020-1434)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.7AI score0.07856EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.41 views

EulerOS Virtualization for ARM 64 3.0.6.0 : sqlite (EulerOS-SA-2020-1364)

According to the versions of the sqlite packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL...

7.5CVSS7.6AI score0.07856EPSS
Exploits1References11
OSV
OSV
added 2020/01/02 2:16 p.m.2 views

DEBIAN-CVE-2019-20218

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error...

7.5CVSS6.8AI score0.03622EPSS
Exploits0References1
OSV
OSV
added 2020/01/02 2:16 p.m.4 views

UBUNTU-CVE-2019-20218

selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error...

7.5CVSS6.8AI score0.03622EPSS
Exploits0References3
Rows per page
Query Builder