4.7
CVE-2024-38662
- EPSS 0.04%
- Veröffentlicht 21.06.2024 12:15:11
- Zuletzt bearbeitet 21.11.2024 09:26:34
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
LoginIn the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash. We don't intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map. From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10 < 5.10.219
Linux ≫ Linux Kernel Version >= 5.15 < 5.15.161
Linux ≫ Linux Kernel Version >= 6.1 < 6.1.93
Linux ≫ Linux Kernel Version >= 6.6 < 6.6.33
Linux ≫ Linux Kernel Version >= 6.9 < 6.9.4
Linux ≫ Linux Kernel Version6.10.0 Updaterc1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.101 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 1 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
|