CVE-2024-42067
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: Take return from set_memory_rox() into account with bpf_jit_binary_lock_ro()
set_memory_rox() can fail, leaving memory unprotected.
Check return and bail out when bpf_jit_binary_lock_ro() returns an error.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | d48567c9a0d1e605639f8a8705a61bbb55fb4e84 < 044da7ae7afd4ef60806d73654a2e6a79aa4ed7a | affected |
| Linux | Linux | d48567c9a0d1e605639f8a8705a61bbb55fb4e84 < e60adf513275c3a38e5cb67f7fd12387e43a3ff5 | affected |
| Linux | Linux | 6.2 | affected |
| Linux | Linux | 0 < 6.2 | unaffected |
| Linux | Linux | 6.9.8 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/08f6c05feb1db21653e98ca84ea04ca032d014c7
- https://git.kernel.org/stable/c/9fef36cad60d4226f9d06953cd56d1d2f9119730
- https://git.kernel.org/stable/c/044da7ae7afd4ef60806d73654a2e6a79aa4ed7a
- https://git.kernel.org/stable/c/e60adf513275c3a38e5cb67f7fd12387e43a3ff5
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/044da7ae7afd4ef60806d73654a2e6a79aa4ed7a
- https://git.kernel.org/stable/c/e60adf513275c3a38e5cb67f7fd12387e43a3ff5
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.