CVE-2024-42068

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()

set_memory_ro() can fail, leaving memory unprotected.

Check its return and take it into account as an error.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux60a3b2253c413cf601783b070507d7dd6620c954 < a359696856ca9409fb97655c5a8ef0f549cb6e03affected
LinuxLinux60a3b2253c413cf601783b070507d7dd6620c954 < e4f602e3ff749ba770bf8ff10196e18358de6720affected
LinuxLinux60a3b2253c413cf601783b070507d7dd6620c954 < 05412471beba313ecded95aa17b25fe84bb2551aaffected
LinuxLinux60a3b2253c413cf601783b070507d7dd6620c954 < 7d2cc63eca0c993c99d18893214abf8f85d566d8affected
LinuxLinux3.18affected
LinuxLinux0 < 3.18unaffected
LinuxLinux5.15.162 <= 5.15.*unaffected
LinuxLinux6.1.97 <= 6.1.*unaffected
LinuxLinux6.9.8 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References