SB20250117130 - Infinite loop in Linux kernel

Description

This security bulletin contains information about 1 security vulnerability.

1) Infinite loop (CVE-ID: CVE-2024-47794)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the bpf_attach_type_to_tramp(), __bpf_trampoline_link_prog(), __bpf_trampoline_unlink_prog(), bpf_shim_tramp_link_release() and bpf_trampoline_link_cgroup_shim() functions in kernel/bpf/trampoline.c, within the bpf_tracing_link_release() and bpf_tracing_prog_attach() functions in kernel/bpf/syscall.c, within the bpf_prog_alloc_no_stats() function in kernel/bpf/core.c, within the prog_fd_array_get_ptr() function in kernel/bpf/arraymap.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/987aa730bad3e1ef66d9f30182294daa78f6387d
• https://git.kernel.org/stable/c/d6083f040d5d8f8d748462c77e90547097df936e
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.5
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.13