Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2024-35903

HistoryMay 19, 2024 - 9:15 a.m.

CVE-2024-35903

2024-05-1909:15:11

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

vulnerability

cve-2024-35903

resolved

x86

bpf

emit patch

call depth

accounting

offset

crash

nvd

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

x86/bpf: Fix IP after emitting call depth accounting

Adjust the IP passed to emit_patch so it calculates the correct offset
for the CALL instruction if x86_call_depth_emit_accounting emits code.
Otherwise we will skip some instructions and most likely crash.

References

git.kernel.org/stable/c/3f9d57c771656bfd651e22edcfdb5f60e62542d4

git.kernel.org/stable/c/81166178cf0a0062a22b1b3b5368183d39577028

git.kernel.org/stable/c/9d98aa088386aee3db1b7b60b800c0fde0654a4a