CVE-2024-50262

Nov. 13, 2024, 9:10 p.m.

7.8
High

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. For example, consider a trie with max_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ... 0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with .prefixlen = 8 make 9 nodes be written on the node stack with size 8.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *, 6.12

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel / / / / / / / /
o linux linux_kernel 6.12 rc1 / / / / / /
o linux linux_kernel 6.12 rc2 / / / / / /
o linux linux_kernel 6.12 rc3 / / / / / /
o linux linux_kernel 6.12 rc4 / / / / / /
o linux linux_kernel 6.12 rc5 / / / / / /

References

https://git.kernel.org/stable/c/13400ac8fb80c57c2bfb12ebd35ee121ce9b4d21
https://git.kernel.org/stable/c/590976f921723d53ac199c01d5b7b73a94875e68
https://git.kernel.org/stable/c/86c8ebe02d8806dd8878d0063e8e185622ab6ea6
https://git.kernel.org/stable/c/90a6e0e1e151ef7a9282e78f54c3091de2dcc99c
https://git.kernel.org/stable/c/91afbc0eb3c90258ae378ae3c6ead3d2371e926d
https://git.kernel.org/stable/c/a035df0b98df424559fd383e8e1a268f422ea2ba
https://git.kernel.org/stable/c/c4b4f9a9ab82238cb158fa4fe61a8c0ae21a4980
https://git.kernel.org/stable/c/e8494ac079814a53fbc2258d2743e720907488ed

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
CWE-787
2024-11-09
CVE-2024-50262

CVSS Score

7.8 / 10

CVSS Data - 3.1

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: Nov. 9, 2024, 11:15 a.m.
Last Modified: Nov. 13, 2024, 9:10 p.m.

Status : Analyzed

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.