CVE-2024-38662
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: Allow delete from sockmap/sockhash only if update is allowed
We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash.
We don't intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map.
From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | dd54b48db0c822ae7b520bc80751f0a0a173ef75 < 29467edc23818dc5a33042ffb4920b49b090e63d | affected |
| Linux | Linux | d1e73fb19a4c872d7a399ad3c66e8ca30e0875ec < 11e8ecc5b86037fec43d07b1c162e233e131b1d9 | affected |
| Linux | Linux | a44770fed86515eedb5a7c00b787f847ebb134a5 < 6693b172f008846811f48a099f33effc26068e1e | affected |
| Linux | Linux | 668b3074aa14829e2ac2759799537a93b60fef86 < 000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1 | affected |
| Linux | Linux | ff91059932401894e6c86341915615c5eb0eca48 < b81e1c5a3c70398cf76631ede63a03616ed1ba3c | affected |
| Linux | Linux | ff91059932401894e6c86341915615c5eb0eca48 < 98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d | affected |
| Linux | Linux | f7990498b05ac41f7d6a190dc0418ef1d21bf058 | affected |
| Linux | Linux | 6af057ccdd8e7619960aca1f0428339f213b31cd | affected |
| Linux | Linux | 5.10.215 < 5.10.219 | affected |
| Linux | Linux | 5.15.154 < 5.15.161 | affected |
| Linux | Linux | 6.1.85 < 6.1.93 | affected |
| Linux | Linux | 6.6.26 < 6.6.33 | affected |
| Linux | Linux | 5.4.274 < 5.5 | affected |
| Linux | Linux | 6.8.5 < 6.9 | affected |
| Linux | Linux | 6.9 | affected |
| Linux | Linux | 0 < 6.9 | unaffected |
| Linux | Linux | 5.10.219 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.161 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.93 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.33 <= 6.6.* | unaffected |
| Linux | Linux | 6.9.4 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/29467edc23818dc5a33042ffb4920b49b090e63d
- https://git.kernel.org/stable/c/11e8ecc5b86037fec43d07b1c162e233e131b1d9
- https://git.kernel.org/stable/c/6693b172f008846811f48a099f33effc26068e1e
- https://git.kernel.org/stable/c/000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1
- https://git.kernel.org/stable/c/b81e1c5a3c70398cf76631ede63a03616ed1ba3c
- https://git.kernel.org/stable/c/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d
Additional References
- https://cert-portal.siemens.com/productcert/html/ssa-265688.html
- https://cert-portal.siemens.com/productcert/html/ssa-613116.html
References
- https://git.kernel.org/stable/c/29467edc23818dc5a33042ffb4920b49b090e63d
- https://git.kernel.org/stable/c/11e8ecc5b86037fec43d07b1c162e233e131b1d9
- https://git.kernel.org/stable/c/6693b172f008846811f48a099f33effc26068e1e
- https://git.kernel.org/stable/c/000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1
- https://git.kernel.org/stable/c/b81e1c5a3c70398cf76631ede63a03616ed1ba3c
- https://git.kernel.org/stable/c/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.