CVE-2024-50123 bpf: Add the missing BPF_LINK_TYPE invocation for sockmap

In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPFLINKTYPE invocation for sockmap There is an out-of-bounds read in bpflinkshowfdinfo for the sockmap link fd. Fix it by adding the missing BPFLINKTYPE invocation for sockmap link Also add comments for...

CVE-2024-50123

CVE-2024-50123 affects the Linux kernel sockmap/BPF code. The root cause is a missing BPF_LINK_TYPE invocation for the sockmap link, which caused an out-of-bounds read in bpf_link_show_fdinfo() for the sockmap link fd. The patch fixes the issue by adding the missing BPF_LINK_TYPE invocation and u...

CVE-2024-50123 bpf: Add the missing BPF_LINK_TYPE invocation for sockmap

In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPFLINKTYPE invocation for sockmap There is an out-of-bounds read in bpflinkshowfdinfo for the sockmap link fd. Fix it by adding the missing BPFLINKTYPE invocation for sockmap link Also add comments for...

CVE-2024-50123 bpf: Add the missing BPF_LINK_TYPE invocation for sockmap

In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPFLINKTYPE invocation for sockmap There is an out-of-bounds read in bpflinkshowfdinfo for the sockmap link fd. Fix it by adding the missing BPFLINKTYPE invocation for sockmap link Also add comments for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the bpf module, where an out-of-bounds read problem exists for sockmap linked file descriptors, and is...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2024-2544)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : bpf, skmsg: Fix NULL pointer dereference in skpsockskbingressenqueueCVE-2024-36938 bpf, sockmap: Prevent lock inversion deadlock in map delete...

The vulnerability of the sockmap component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the sockmap component in the Linux operating system’s kernel is related to the assignment of a zero pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

kernel: bpf, sockmap: Prevent lock inversion deadlock in map delete elem

CVE-2024-35895 addresses a vulnerability in the Linux kernel's Berkeley Packet Filter BPF subsystem, specifically within the sockmap feature. The issue arises when BPF tracing programs, which can execute in various interrupt contexts, attempt to delete elements from sockmap or sockhash maps. This...

SUSE CVE-2024-44996

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...

AZL-49300 CVE-2024-44996 affecting package kernel for versions less than 6.6.51.1-1

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...

CVE-2024-44996

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...

UBUNTU-CVE-2024-44996

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...

CVE-2024-44996 vsock: fix recursive ->recvmsg calls

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...

CVE-2024-44996 vsock: fix recursive ->recvmsg calls

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive -recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot-recvmsg has been replaced with vsockbpfrecvmsg. Thus the following recursiion could happen: vsockbpfrecvmsg - vsockrecvmsg -...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: bpf, sockmap: Prevent lock inversion deadlock in map delete elem

CVE-2024-35895 addresses a vulnerability in the Linux kernel's Berkeley Packet Filter BPF subsystem, specifically within the sockmap feature. The issue arises when BPF tracing programs, which can execute in various interrupt contexts, attempt to delete elements from sockmap or sockhash maps. This...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

kernel: bpf, sockmap: Prevent lock inversion deadlock in map delete elem

CVE-2024-35895 addresses a vulnerability in the Linux kernel's Berkeley Packet Filter BPF subsystem, specifically within the sockmap feature. The issue arises when BPF tracing programs, which can execute in various interrupt contexts, attempt to delete elements from sockmap or sockhash maps. This...

RHEL 9 : kernel-rt (RHSA-2024:5673)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5673 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...