12 matches found
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
...
bcc security update
0.30.0-6 - Rebuild with LLVM 18 RHEL-28684 0.30.0-5 - Drop python3-pyelftools dependency on s390x until it is available 0.30.0-4 - Exclude btrfs and f2fs libbpf tools RHEL-36579 0.30.0-3 - Really prevent the loading of compromised headers RHEL-28769, CVE-2024-2314 - Add python3-pyelftools...
bpftrace: unprivileged users can force loading of compromised linux headers
A flaw was found in BPFtrace. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bpftrace to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential...
bcc security update
0.25.0-9 - Really prevent the loading of compromised headers RHEL-28768, CVE-2024-2314 0.25.0-8 - Check header ownership RHEL-28768...
If kernel headers need to be extracted bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
...
Low: bcc
Issue Overview: If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...
SUSE CVE-2024-2313
If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...
CVE-2024-2314
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...
AZL-35874 CVE-2024-2313 affecting package bpftrace for versions less than 0.20.3-1
If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...
DEBIAN-CVE-2024-2314
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...
Default credentials
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...
CVE-2024-2314
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default...