CVE-2024-36918

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf: Check bloom filter map value size

This patch adds a missing check to bloom filter creating, rejecting values above KMALLOC_MAX_SIZE. This brings the bloom map in line with many other map types.

The lack of this protection can cause kernel crashes for value sizes that overflow int's. Such a crash was caught by syzkaller. The next patch adds more guard-rails at a lower level.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9330986c03006ab1d33d243b7cfe598a7a3c1baa < fa6995eeb62e74b5a1480c73fb7b420c270784d3affected
LinuxLinux9330986c03006ab1d33d243b7cfe598a7a3c1baa < 608e13706c8b6c658a0646f09ebced74ec367f7caffected
LinuxLinux9330986c03006ab1d33d243b7cfe598a7a3c1baa < c418afb9bf23e2f2b76cb819601e4a5d9dbab42daffected
LinuxLinux9330986c03006ab1d33d243b7cfe598a7a3c1baa < a8d89feba7e54e691ca7c4efc2a6264fa83f3687affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.91 <= 6.1.*unaffected
LinuxLinux6.6.31 <= 6.6.*unaffected
LinuxLinux6.8.10 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References