Lucene search

K
redhatcveRedhat.comRH:CVE-2024-2313
HistoryMar 11, 2024 - 2:50 p.m.

CVE-2024-2313

2024-03-1114:50:31
redhat.com
access.redhat.com
4
bpftrace
compromised linux headers
temporary directory
security risks
unauthorized access
system compromise

2.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

A flaw was found in BPFtrace. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bpftrace to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential security risks, unauthorized access, or system compromise.

2.8 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

7 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%