CVE-2024-38564
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enforce proper
attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses
bpf_prog_get and relies on bpf_prog_attach_check_attach_type
to properly verify prog_type <> attach_type association. Add missing attach_type enforcement for the link_create case.
Otherwise, it's currently possible to attach cgroup_skb prog
types to other cgroup hooks.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: bpf: agregue la aplicación del tipo de archivo adjunto BPF_PROG_TYPE_CGROUP_SKB en BPF_LINK_CREATE bpf_prog_attach usa adjunto_type_to_prog_type para aplicar el tipo de archivo adjunto adecuado para BPF_PROG_TYPE_CGROUP_SKB. link_create usa bpf_prog_get y se basa en bpf_prog_attach_check_attach_type para verificar correctamente la asociación prog_type <> adjunto_tipo. Agregue la aplicación de adjunto_tipo faltante para el caso link_create. De lo contrario, actualmente es posible adjuntar tipos de programa cgroup_skb a otros enlaces de cgroup.
In the Linux kernel, the following vulnerability has been resolved: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE bpf_prog_attach uses attach_type_to_prog_type to enforce proper attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses bpf_prog_get and relies on bpf_prog_attach_check_attach_type to properly verify prog_type <> attach_type association. Add missing attach_type enforcement for the link_create case. Otherwise, it's currently possible to attach cgroup_skb prog types to other cgroup hooks.
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-06-18 CVE Reserved
- 2024-06-19 CVE Published
- 2024-12-19 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-665: Improper Initialization
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/4a1e7c0c63e02daad751842b7880f9bbcdfb6e89 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-38564 | 2024-11-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2293429 | 2024-11-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10 < 6.6.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.6.33" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10 < 6.8.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.8.12" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10 < 6.9.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.9.3" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10 < 6.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10 < 6.10" | en |
Affected
| ||||||