SB2024062196 - NULL pointer dereference in Linux kernel bpf
Published: June 21, 2024 Updated: May 13, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2024-38566)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the real_bind() function in tools/testing/selftests/bpf/progs/lsm_cgroup.c, within the BPF_PROG() function in tools/testing/selftests/bpf/progs/local_storage.c, within the SEC() function in tools/testing/selftests/bpf/progs/bench_local_storage_create.c, within the mark_btf_ld_reg(), check_map_kptr_access(), is_trusted_reg(), bpf_map_direct_read(), BTF_TYPE_SAFE_TRUSTED(), type_is_trusted() and check_ptr_to_btf_access() functions in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/39f8a29330f433000e716eefc4b9abda05b71a82
- https://git.kernel.org/stable/c/6f5ae91172a93abac9720ba94edf3ec8f4d7f24f
- https://git.kernel.org/stable/c/c58ccdd2483a1d990748cdaf94206b5d5986a001
- https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.12