Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-2314

Published: 10/03/2024 Updated: 11/03/2024

Vulnerability Summary

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

Vendor Advisories

Debian CVElist Bug Report Logs: bpfcc: CVE-2024-2314
Debian Bug report logs - #1071747 bpfcc: CVE-2024-2314 Package: src:bpfcc; Maintainer for src:bpfcc is Ritesh Raj Sarraf <rrs@debianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 24 May 2024 14:57:02 UTC Severity: important Tags: security Reply or subscribe to this bug Toggle useless messag ...
Amazon Linux 2: ALAS-2024-2551
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory An unprivileged attacker could use this to force bcc to load compromised linux headers Linux distributions which provide kernel headers by default are not affected by default (CVE-2024-2314) ...

References

https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071747https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALAS-2024-2551.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316SQL injectiontype confusionCVE-2024-20697CVE-2024-4344localCVE-2024-30043CVE-2024-3821CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook