Denial of service in Linux kernel bpf



Published: 2024-04-22
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-26589
CWE-ID CWE-119
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Linux kernel
Operating systems & Components / Operating system

Vendor

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Buffer overflow

EUVDB-ID: #VU88886

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26589

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the adjust_ptr_min_max_vals() function in kernel/bpf/verifier.c. A local user can crash the OS kernel.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Linux kernel: before 5.15.148

External links

http://git.kernel.org/stable/c/29ffa63f21bcdcef3e36b03cccf9d0cd031f6ab0
http://git.kernel.org/stable/c/4108b86e324da42f7ed425bd71632fd844300dc8
http://git.kernel.org/stable/c/e8d3872b617c21100c5ee4f64e513997a68c2e3d
http://git.kernel.org/stable/c/1b500d5d6cecf98dd6ca88bc9e7ae1783c83e6d3
http://git.kernel.org/stable/c/22c7fa171a02d310e3a3f6ed46a698ca8a0060ed


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###