#VU93849 Permissions, Privileges, and Access Controls in Linux kernel - CVE-2024-38564
Vulnerability identifier: #VU93849
Vulnerability risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due to improper checks within with bpf_prog_attach_check_attach_type() function in kernel/bpf/syscall.c. A local user can bypass certain security restrictions.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Linux kernel: All versions
External links
http://git.kernel.org/stable/c/6675c541f540a29487a802d3135280b69b9f568d
http://git.kernel.org/stable/c/67929e973f5a347f05fef064fea4ae79e7cdb5fd
http://git.kernel.org/stable/c/b34bbc76651065a5eafad8ddff1eb8d1f8473172
http://git.kernel.org/stable/c/543576ec15b17c0c93301ac8297333c7b6e84ac7
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
