Vulnerability identifier: #VU102083
Vulnerability risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-56615
CWE-ID: CWE-125
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read in the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can trigger it to perform a denial of service (DoS) attack.
Mitigation
Install the update from the vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
https://git.kernel.org/stable/c/0f170e91d3063ca60baec4bd9f544faf3bfe29eb
https://git.kernel.org/stable/c/178e31df1fb3d9e0890eb471da16709cbc82edee
https://git.kernel.org/stable/c/70f3de869865f9c3da0508a5ea29f6f4c1889057
https://git.kernel.org/stable/c/8e858930695d3ebec423e85384c95427258c294f
https://git.kernel.org/stable/c/98c03d05936d846073df8f550e9e8bf0dde1d77f
https://git.kernel.org/stable/c/ab244dd7cf4c291f82faacdc50b45cc0f55b674d
https://git.kernel.org/stable/c/ad34306ac6836e5dd096b7d0ad4aa20cb7c8d9e5
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.