CVE-2024-42075

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix remap of arena.

The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arena_vm_close.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux317460317a02a1af512697e6e964298dedd8a163 < 87496a1b01e8e2e399428c0db25e106f7961d01eaffected
LinuxLinux317460317a02a1af512697e6e964298dedd8a163 < b90d77e5fd784ada62ddd714d15ee2400c28e1cfaffected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.9.8 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References