[ubuntu/kinetic-security] libbpf 0.8.0-1ubuntu22.10.1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Mon Dec 5 09:02:26 UTC 2022
libbpf (0.8.0-1ubuntu22.10.1) kinetic-security; urgency=medium
* SECURITY UPDATE: heap overflow vulnerability
- debian/patches/CVE-2021-45940_45941.patch: Use elf_getshdrnum()
instead of e_shnum
- CVE-2021-45940
- CVE-2021-45941
* SECURITY UPDATE: memory leak due to argument reg_name
- debian/patches/CVE-2022-3533.patch: Fix memory leak in
parse_usdt_arg()
- CVE-2022-3533
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2022-3534.patch: Fix use-after-free in
btf_dump_name_dups
- CVE-2022-3534
* SECURITY UPDATE: null pointer dereference vulnerability
- debian/patches/CVE-2022-3606.patch: Fix null-pointer dereference in
find_prog_by_sec_insn()
- CVE-2022-3606
Date: 2022-12-01 10:19:13.467176+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/libbpf/0.8.0-1ubuntu22.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the kinetic-changes
mailing list