Fix Address Emission with Tag-Based KASAN Enabled
CVE-2024-50203
What is CVE-2024-50203?
This vulnerability in the Linux kernel affects the BPF (Berkeley Packet Filter) functionality on the arm64 architecture. When BPF_TRAMP_F_CALL_ORIG is enabled, it can lead to a heap buffer overflow. The flaw occurs during the size calculation phase, where a bpf_tramp_image struct's stack address is incorrectly passed, so the emitted instructions can exceed the expected size. The vulnerability can also be triggered when certain conditions related to stack addresses occur, further amplifying the risk of data corruption and system instability. The fix makes the size calculation assume the worst case, which mitigates the risk of erroneous code generation.
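The size mismatch described above, modelled in user space as an added example (not kernel code and not from the original page). It assumes a simplified rule for how many arm64 instructions a 64-bit address load needs and that code generation uses a heap address, tagged when tag-based KASAN is enabled; all addresses are constructed sample values.

```c
#include <stdint.h>
#include <stdio.h>

#define INSN_BYTES 4   /* every arm64 instruction is 4 bytes */
#define WORST_INSNS 4  /* one instruction per 16-bit word of the address */

/* Simplified model (assumption): one instruction per 16-bit word that
 * differs from the fill pattern (all-zeros or all-ones, whichever leaves
 * fewer words to patch), with a minimum of one instruction. */
static int mov_imm64_insns(uint64_t val)
{
    int non_zero = 0, non_ones = 0;
    for (int shift = 0; shift < 64; shift += 16) {
        uint16_t hw = (uint16_t)(val >> shift);
        non_zero += (hw != 0x0000);
        non_ones += (hw != 0xffff);
    }
    int n = non_zero < non_ones ? non_zero : non_ones;
    return n ? n : 1;
}

/* Pass 1: bytes reserved for the address load. The unfixed variant sizes
 * from the address it is handed; the fixed variant assumes the worst case. */
static int reserved_bytes(uint64_t sizing_addr, int fixed)
{
    return (fixed ? WORST_INSNS : mov_imm64_insns(sizing_addr)) * INSN_BYTES;
}

/* Pass 2: bytes actually written for the address used at generation time. */
static int emitted_bytes(uint64_t final_addr)
{
    return mov_imm64_insns(final_addr) * INSN_BYTES;
}

/* Bytes written past the reservation (0 means the buffer was big enough). */
static int overflow_bytes(uint64_t sizing_addr, uint64_t final_addr, int fixed)
{
    int over = emitted_bytes(final_addr) - reserved_bytes(sizing_addr, fixed);
    return over > 0 ? over : 0;
}

/* Constructed sample addresses, not taken from any real system. */
#define STACK_ADDR       0xffff80008abc7d40ULL /* handed to the sizing pass */
#define TAGGED_HEAP_ADDR 0xf3ff000812345678ULL /* top byte carries a tag */
#define STACK_ONES_ADDR  0xffff8000ffff7d40ULL /* has an extra all-ones word */
#define PLAIN_HEAP_ADDR  0xffff000812345678ULL /* untagged heap address */

int main(void)
{
    printf("tagged heap, unfixed: %d bytes over\n", overflow_bytes(STACK_ADDR, TAGGED_HEAP_ADDR, 0));
    printf("tagged heap, fixed:   %d bytes over\n", overflow_bytes(STACK_ADDR, TAGGED_HEAP_ADDR, 1));
    return 0;
}
```

The STACK_ONES_ADDR and PLAIN_HEAP_ADDR pair models the second trigger, where the sizing-pass stack address happens to need fewer instructions even without a tagged heap address.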

Affected Version(s)
Linux 077149478497b2f00ff4fd9da2c892defa6418d8 < 9e80f366ebfdfafc685fe83a84c34f7ef01cbe88
Linux d9664e6ff040798a46cdc5d401064f55b8676c83
Linux 19d3c179a37730caf600a97fed3794feac2b197b < 7db1a2121f3c7903b8e397392beec563c3d00950