Lucene search
+L

57 matches found

oraclelinux
oraclelinux
added 2023/12/01 12:0 a.m.408 views

kernel security and bug fix update

4.18.0-513.9.19.OL8 - media: dvb-core: Fix use-after-free due to race at dvbregisterdevice Mauro Carvalho Chehab CVE-2022-45884 - cifs: Fix UAF in cifsdemultiplexthread Zhang Xiaoxu CVE-2023-1192 - nvmet-tcp: Fix a possible UAF in queue intialization setup Sagi Grimberg CVE-2023-5178 - net: tun:...

10CVSS7.1AI score0.09141EPSS
Exploits2
amazon
amazon
added 2023/05/16 12:0 a.m.2 views

Medium: kernel

Issue Overview: bpf: incorrect verifier pruning due to missing register precision taints, which may lead to out-of-band read/write access due to an incorrect verifier conclusion. CVE-2023-2163 qfqchangeclass in net/sched/schqfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write...

10CVSS6.9AI score0.03546EPSS
Exploits0
susecve
susecve
added 2023/02/15 5:5 a.m.3 views

SUSE CVE-2016-2383

The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...

5.5CVSS7.9AI score0.00374EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 4:13 a.m.2 views

SUSE CVE-2019-10245

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

6.5CVSS7.1AI score0.02492EPSS
Exploits0References8
susecve
susecve
added 2023/02/15 3:40 a.m.2 views

SUSE CVE-2021-33200

kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corne...

8.4CVSS8.8AI score0.00377EPSS
Exploits0References36
susecve
susecve
added 2023/02/15 3:40 a.m.3 views

SUSE CVE-2021-33624

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db...

5.1CVSS8.7AI score0.00922EPSS
Exploits3References25
mscve
mscve
added 2022/02/24 8:0 a.m.4 views

The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction which allows local users to obtain potentially sensitive address information aka a "pointer leak."

...

5.5CVSS7.1AI score0.00416EPSS
Exploits1
osv
osv
added 2022/02/11 3:15 p.m.3 views

UBUNTU-CVE-2021-45402

The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a "pointer leak."...

5.5CVSS6.7AI score0.00416EPSS
Exploits1References10
osv
osv
added 2021/03/20 10:15 p.m.14 views

AZL-6526 CVE-2020-27171 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error with a resultant integer underflow affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information...

6CVSS6.9AI score0.00577EPSS
Exploits0References1
osv
osv
added 2021/03/18 10:0 p.m.2 views

UBUNTU-CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This...

4.7CVSS6.9AI score0.00565EPSS
Exploits0References5
gitee
gitee
added 2021/01/24 10:46 a.m.88 views

Exploit for Improper Access Control in Xen

kernelexploitfactory Keep updating...... Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore. This repository is to extract all Linux kernel exploit and relative debug environment. The test is on...

8.2CVSS7.1AI score0.30052EPSS
Exploits25
hackerone
hackerone
added 2020/10/16 8:23 p.m.68 views

Internet Bug Bounty: [CVE-2020-27194] Linux kernel: eBPF verifier bug in `or` binary operation tracking function leads to LPE

CVE-2020-27194 is a eBPF verifier bug that allows an unprivileged attacker to create BPF socket filter programs that can read and write Out of Bounds, trough which an arbitrary kernel read write can be achieved. I'm taking the root cause explanation from the patch email: Simon reported an issue...

2.1CVSS5.8AI score0.02018EPSS
Exploits5
redhat
redhat
added 2019/05/16 1:25 p.m.9 views

JDK: Read beyond the end of bytecode array causing JVM crash

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

7.5CVSS7.5AI score0.02492EPSS
Exploits0References4
redhat
redhat
added 2019/05/13 9:8 p.m.7 views

JDK: Read beyond the end of bytecode array causing JVM crash

In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...

7.5CVSS7.5AI score0.02492EPSS
Exploits0References4
osv
osv
added 2017/12/27 5:8 p.m.1 views

DEBIAN-CVE-2017-17862

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service...

5.5CVSS7.6AI score0.00437EPSS
Exploits0References1
cnvd
cnvd
added 2017/12/25 12:0 a.m.5 views

Linux kernel denial of service vulnerability (CNVD-2017-38511)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in kernel/bpf/verifier.c in Linux kernel version 4.14.8 and earlier. A local...

7.8CVSS7.4AI score0.00418EPSS
Exploits0References1
osv
osv
added 2016/02/15 12:0 a.m.1 views

UBUNTU-CVE-2016-2383

The adjustbranches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions...

5.5CVSS6.7AI score0.00374EPSS
Exploits0References6
Rows per page
Query Builder