6 matches found
kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
EUVD-2024-53323
Malicious code in bioql PyPI...
CVE-2024-56675
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
CVE-2024-56675
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
CVE-2024-56675 bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
CVE-2024-56675
CVE-2024-56675 affects the Linux kernel: UAF can occur when a non-sleepable BPF program is attached to an uprobe and freed via normal RCU, because Uprobes use bpf_prog_run_array_uprobe() under tasks-trace-RCU protection. The fix explicitly waits for a tasks-trace-RCU grace period after removing t...