Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2024-47703— bpf, lsm: Add check for BPF LSM return value

AI Predicted 7.8 Difficulty: Hard EPSS 0.03% · P11

Affected Version Matrix 8

VendorProductVersion RangeStatus
LinuxLinux520b7aa00d8cd8e411ecc09f63a2acd90feb6d29< 1050727d83e70449991c29dd1cf29fe936a63da3affected
520b7aa00d8cd8e411ecc09f63a2acd90feb6d29< 27ca3e20fe80be85a92b10064dfeb56cb2564b1caffected
520b7aa00d8cd8e411ecc09f63a2acd90feb6d29< 5d99e198be279045e6ecefe220f5c52f8ce9bfd5affected
5.7affected
< 5.7unaffected
6.10.13≤ 6.10.*unaffected
6.11.2≤ 6.11.*unaffected
6.12≤ *unaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-47703

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
bpf, lsm: Add check for BPF LSM return value
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: bpf, lsm: Add check for BPF LSM return value A bpf prog returning a positive number attached to file_alloc_security hook makes kernel panic. This happens because file system can not filter out the positive number returned by the LSM prog using IS_ERR, and misinterprets this positive number as a file pointer. Given that hook file_alloc_security never returned positive number before the introduction of BPF LSM, and other BPF LSM hooks may encounter similar issues, this patch adds LSM return value check in verifier, to ensure no unexpected value is returned.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于bpf, lsm子系统BPF LSM返回值检查问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 520b7aa00d8cd8e411ecc09f63a2acd90feb6d29 ~ 1050727d83e70449991c29dd1cf29fe936a63da3 -
LinuxLinux 5.7 -

II. Public POCs for CVE-2024-47703

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-47703

登录查看更多情报信息。

Patches & Fixes for CVE-2024-47703 (3)

Same Patch Batch · Linux · 2024-10-21 · 372 CVEs total

CVE-2024-50019kthread: unpark only parked kthread
CVE-2024-50030drm/xe/ct: prevent UAF in send_recv()
CVE-2024-50028thermal: core: Reference count the zone in thermal_zone_get_by_id()
CVE-2024-50029Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
CVE-2024-50027thermal: core: Free tzp copy along with the thermal zone
CVE-2024-50025scsi: fnic: Move flush_work initialization out of if block
CVE-2024-50026scsi: wd33c93: Don't use stale scsi_pointer value
CVE-2024-50023net: phy: Remove LED entry from LEDs list on unregister
CVE-2024-50024net: Fix an unsafe loop on the list
CVE-2024-50022device-dax: correct pgoff align in dax_set_mapping()
CVE-2024-50021ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins()
CVE-2024-50020ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count()
CVE-2024-50011ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item
CVE-2024-50006ext4: fix i_data_sem unlock order in ext4_ind_migrate()
CVE-2024-50007ALSA: asihpi: Fix potential OOB array access
CVE-2024-50008wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext()
CVE-2024-50009cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value
CVE-2024-50010exec: don't WARN for racy path_noexec check
CVE-2024-50014ext4: fix access to uninitialised lock in fc replay path
CVE-2024-50017x86/mm/ident_map: Use gbpages only where full GB page should be mapped.

Showing top 20 of 372 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2024-47703

No comments yet

Leave a comment