CVE-2024-56768
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix bpf_get_smp_processor_id() on !CONFIG_SMP
On x86-64 calling bpf_get_smp_processor_id() in a kernel with CONFIG_SMP disabled can trigger the following bug, as pcpu_hot is unavailable:
[ 8.471774] BUG: unable to handle page fault for address: 00000000936a290c [ 8.471849] #PF: supervisor read access in kernel mode [ 8.471881] #PF: error_code(0x0000) - not-present page
Fix by inlining a return 0 in the !CONFIG_SMP case.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 1ae6921009e5d72787e07ccc04754514ccf6bc99 < f4ab7d74247b0150547cf909b3f6f24ee85183df | affected |
| Linux | Linux | 1ae6921009e5d72787e07ccc04754514ccf6bc99 < 23579010cf0a12476e96a5f1acdf78a9c5843657 | affected |
| Linux | Linux | 6.10 | affected |
| Linux | Linux | 0 < 6.10 | unaffected |
| Linux | Linux | 6.12.8 <= 6.12.* | unaffected |
| Linux | Linux | 6.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/f4ab7d74247b0150547cf909b3f6f24ee85183df
- https://git.kernel.org/stable/c/23579010cf0a12476e96a5f1acdf78a9c5843657
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.