CVE-2024-47728

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...

CVE-2024-49861

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...

CVE-2024-49861

CVE-2024-49861 affects the Linux kernel: bpf: Fix helper writes to read-only maps. The issue allowed a BPF program to write into a read‑only map (e.g., frozen .rodata) via helpers using ARG_PTR_TO_{LONG,INT}, because meta->raw_mode wasn’t set and check_map_access_type() treated the map as read...

CVE-2024-49861 bpf: Fix helper writes to read-only maps

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...