Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-43843
HistoryAug 17, 2024 - 9:21 a.m.

CVE-2024-43843 riscv, bpf: Fix out-of-bounds issue when preparing trampoline image

2024-08-1709:21:57
Linux
www.cve.org
17
linux kernel
riscv
bpf
out-of-bounds
vulnerability
trampoline image
fix
security

EPSS

0

Percentile

9.5%

JSON

In the Linux kernel, the following vulnerability has been resolved:

riscv, bpf: Fix out-of-bounds issue when preparing trampoline image

We get the size of the trampoline image during the dry run phase and
allocate memory based on that size. The allocated image will then be
populated with instructions during the real patch phase. But after
commit 26ef208c209a (“bpf: Use arch_bpf_trampoline_size”), the im
argument is inconsistent in the dry run and real patch phase. This may
cause emit_imm in RV64 to generate a different number of instructions
when generating the ‘im’ address, potentially causing out-of-bounds
issues. Let’s emit the maximum number of instructions for the “im”
address during dry run to fix this problem.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/riscv/net/bpf_jit_comp64.c"
    ],
    "versions": [
      {
        "version": "26ef208c209a",
        "lessThan": "3e6a1b1b179a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "26ef208c209a",
        "lessThan": "9f1e16fb1fc9",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/riscv/net/bpf_jit_comp64.c"
    ],
    "versions": [
      {
        "version": "6.8",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "6.8",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.3",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

ubuntucve 1
vulnrichment 1
cve 1
nvd 1
debiancve 1
osv 1
redhatcve 1
ubuntucve
ubuntucve
CVE-2024-43843
2024-08-17 00:00:00
vulnrichment
vulnrichment
CVE-2024-43843 riscv, bpf: Fix out-of-bounds issue when preparing trampoline image
2024-08-17 09:21:57
cve
cve
CVE-2024-43843
2024-08-17 10:15:09
nvd
nvd
CVE-2024-43843
2024-08-17 10:15:09
debiancve
debiancve
CVE-2024-43843
2024-08-17 10:15:09
osv
osv
CVE-2024-43843
2024-08-17 10:15:09
redhatcve
redhatcve
CVE-2024-43843
2024-08-19 13:16:18

EPSS

0

Percentile

9.5%

JSON
Related for CVELIST:CVE-2024-43843
ubuntucve1vulnrichment1cve1nvd1debiancve1osv1redhatcve1