In the Linux kernel, the following vulnerability has been resolved:
tracing/trigger: Fix to return error if failed to alloc snapshot Fix
register_snapshot_trigger() to return error code if it failed to allocate a
snapshot instead of 0 (success). Unless that, it will register snapshot
trigger without an error.
Author | Note |
---|---|
Priority reason: Exploitation requires write access to the tracing subsystem, which is restricted to root by default on Ubuntu kernels |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-181.201 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-106.116 | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1124.134 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1061.67 | UNKNOWN |
git.kernel.org/linus/0958b33ef5a04ed91f61cef4760ac412080c4e08 (6.8-rc3)
git.kernel.org/stable/c/0958b33ef5a04ed91f61cef4760ac412080c4e08
git.kernel.org/stable/c/36be97e9eb535fe3008a5cb040b1e56f29f2e398
git.kernel.org/stable/c/4b001ef14baab16b553a002cb9979e31b8fc0c6b
git.kernel.org/stable/c/56cfbe60710772916a5ba092c99542332b48e870
git.kernel.org/stable/c/6022c065c9ec465d84cebff8f480db083e4ee06b
git.kernel.org/stable/c/8ffd5590f4d6ef5460acbeac7fbdff7025f9b419
git.kernel.org/stable/c/b5085b5ac1d96ea2a8a6240f869655176ce44197
git.kernel.org/stable/c/bcf4a115a5068f3331fafb8c176c1af0da3d8b19
launchpad.net/bugs/cve/CVE-2024-26920
nvd.nist.gov/vuln/detail/CVE-2024-26920
security-tracker.debian.org/tracker/CVE-2024-26920
ubuntu.com/security/notices/USN-6766-1
ubuntu.com/security/notices/USN-6766-2
ubuntu.com/security/notices/USN-6766-3
ubuntu.com/security/notices/USN-6767-1
ubuntu.com/security/notices/USN-6767-2
ubuntu.com/security/notices/USN-6795-1
ubuntu.com/security/notices/USN-6828-1
www.cve.org/CVERecord?id=CVE-2024-26920