In the Linux kernel, the following vulnerability has been resolved:
bpf, lsm: Add check for BPF LSM return value
A bpf prog returning a positive number attached to file_alloc_security
hook makes kernel panic.
This happens because file system can not filter out the positive number
returned by the LSM prog using IS_ERR, and misinterprets this positive
number as a file pointer.
Given that hook file_alloc_security never returned positive number
before the introduction of BPF LSM, and other BPF LSM hooks may
encounter similar issues, this patch adds LSM return value check
in verifier, to ensure no unexpected value is returned.
Metrics
Affected Vendors & Products
References
History
Thu, 26 Dec 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-681 |
Thu, 24 Oct 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
Tue, 22 Oct 2024 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Mon, 21 Oct 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 21 Oct 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LSM prog using IS_ERR, and misinterprets this positive number as a file pointer. Given that hook file_alloc_security never returned positive number before the introduction of BPF LSM, and other BPF LSM hooks may encounter similar issues, this patch adds LSM return value check in verifier, to ensure no unexpected value is returned. | |
Title | bpf, lsm: Add check for BPF LSM return value | |
References |
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-10-21T11:53:38.714Z
Updated: 2024-12-19T09:26:25.636Z
Reserved: 2024-09-30T16:00:12.945Z
Link: CVE-2024-47703
Vulnrichment
Updated: 2024-10-21T13:04:19.828Z
NVD
Status : Analyzed
Published: 2024-10-21T12:15:06.823
Modified: 2024-10-24T13:33:36.957
Link: CVE-2024-47703
Redhat