CVE-2024-38662
CVSS v3.1: 4.7 (Medium)
EPSS: 0.04 % (10th)
Affected Products: 1
Advisories: 15
NVD Status: Analyzed

In the Linux kernel, the following vulnerability has been resolved:

bpf: Allow delete from sockmap/sockhash only if update is allowed

We have seen an influx of syzkaller reports where a BPF program attached to
a tracepoint triggers a locking rule violation by performing a map_delete
on a sockmap/sockhash.

We don't intend to support this artificial use scenario. Extend the
existing verifier allowed-program-type check for updating sockmap/sockhash
to also cover deleting from a map.

From now on only BPF programs which were previously allowed to update
sockmap/sockhash can delete from these map types.

- CVE Status: PUBLISHED
- NVD Status: Analyzed
- CNA: kernel.org
- Published Date: 2024-06-21 12:15:11 (2 months ago)
- Updated Date: 2024-06-24 18:34:17 (2 months ago)