Lucene search
LinuxVULNRICHMENT:CVE-2024-38566HistoryJun 19, 2024 - 1:35 p.m.
CVE-2024-38566 bpf: Fix verifier assumptions about socket->sk
2024-06-1913:35:33
Linux
github.com
1
linux kernel
bpf
vulnerability
verifier
socket
lsm
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix verifier assumptions about socket->sk
The verifier assumes that ‘sk’ field in ‘struct socket’ is valid
and non-NULL when ‘socket’ pointer itself is trusted and non-NULL.
That may not be the case when socket was just created and
passed to LSM socket_accept hook.
Fix this verifier assumption and adjust tests.
Related
osv
osv
CVE-2024-38566
2024-06-19 14:15:00
linux-oem-6.8 vulnerabilities
2024-08-12 18:05:26
linux-lowlatency, linux-raspi vulnerabilities
2024-08-13 17:30:34
nvd
nvd
CVE-2024-38566
2024-06-19 14:15:16
redhatcve
redhatcve
CVE-2024-38566
2024-06-20 15:54:49
cve
cve
CVE-2024-38566
2024-06-19 14:15:16
ubuntucve
ubuntucve
CVE-2024-38566
2024-06-19 00:00:00
debiancve
debiancve
CVE-2024-38566
2024-06-19 14:15:16
cvelist
cvelist
CVE-2024-38566 bpf: Fix verifier assumptions about socket->sk
2024-06-19 13:35:33
openvas
openvas
Ubuntu: Security Advisory (USN-6949-2)
2024-08-14 00:00:00
Ubuntu: Security Advisory (USN-6955-1)
2024-08-13 00:00:00
Ubuntu: Security Advisory (USN-6952-2)
2024-08-14 00:00:00
nessus
nessus
Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6955-1)
2024-08-12 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6949-2)
2024-08-13 00:00:00
Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6952-1)
2024-08-09 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-08-08 00:00:00
Linux kernel vulnerabilities
2024-08-13 00:00:00
Linux kernel (OEM) vulnerabilities
2024-08-12 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38
AI Score
6.6
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-38566