CVE-2024-42072Untrusted Pointer Dereference in Linux

CWE-822Untrusted Pointer Dereference6 documents6 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 93.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
LinuxLinux KernelDebian Linux+4 more
Timeline
PublishedJul 29
Latest updateDec 10

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix may_goto with negative offset. Zac's syzbot crafted a bpf prog that exposed two bugs in may_goto. The 1st bug is the way may_goto is patched. When offset is negative it should be patched differently. The 2nd bug is in the verifier: when current state may_goto_depth is equal to visited state may_goto_depth it means there is an actual infinite loop. It's not correct to prune exploration of the program at this point. Not

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages8 packages

NVDlinux/linux_kernel6.96.9.8+1
Debianlinux/linux_kernel< 6.9.8-1+1
CVEListV5linux/linux011832b97b311bb9e3c27945bc0d1089a14209c9175827e04f4be53f3dfb57edf12d0d49b18fd939+2
debiandebian/linux< linux 6.9.8-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-hwc3-9p27-c4j6: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix may_goto with negative offset2024-07-29
OSV
CVE-2024-42072: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix may_goto with negative offset2024-07-29

📋Vendor Advisories

3
Microsoft
CVE-2024-42072: NIST NVD Details: https://nvd2024-12-10
Red Hat
kernel: bpf: Fix may_goto with negative offset.2024-07-29
Debian
CVE-2024-42072: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix ma...2024
CVE-2024-42072 — Untrusted Pointer Dereference in Linux | cvebase