Package "libbpf0"
| Name: |
libbpf0
|
Description: |
eBPF helper library (shared library)
|
| Latest version: |
1:0.8.0-1ubuntu22.10.1 |
| Release: |
kinetic (22.10) |
| Level: |
security |
| Repository: |
main |
| Head package: |
libbpf |
Links
Download "libbpf0"
Other versions of "libbpf0" in Kinetic
Changelog
|
libbpf (0.8.0-1ubuntu22.10.1) kinetic-security; urgency=medium
* SECURITY UPDATE: heap overflow vulnerability
- debian/patches/CVE-2021-45940_45941.patch: Use elf_getshdrnum()
instead of e_shnum
- CVE-2021-45940
- CVE-2021-45941
* SECURITY UPDATE: memory leak due to argument reg_name
- debian/patches/CVE-2022-3533.patch: Fix memory leak in
parse_usdt_arg()
- CVE-2022-3533
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2022-3534.patch: Fix use-after-free in
btf_dump_name_dups
- CVE-2022-3534
* SECURITY UPDATE: null pointer dereference vulnerability
- debian/patches/CVE-2022-3606.patch: Fix null-pointer dereference in
find_prog_by_sec_insn()
- CVE-2022-3606
-- Nishit Majithia <email address hidden> Thu, 01 Dec 2022 15:24:36 +0530
|
| CVE-2021-45940 |
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). |
| CVE-2021-45941 |
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c). |
| CVE-2022-3533 |
A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parse_usdt_arg of the file tools/lib/bpf |
| CVE-2022-3534 |
A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump |
| CVE-2022-3606 |
A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/l |
|
About
-
Send Feedback to @ubuntu_updates
