Описание
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
Меры по смягчению последствий
The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space. For Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled. For Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:
The setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw. A kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN (or CAP_BPF) capabilities.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Will not fix | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2024:2950 | 22.05.2024 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2024:3138 | 22.05.2024 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | kernel | Fixed | RHSA-2024:0724 | 07.02.2024 |
| Red Hat Enterprise Linux 8.8 Extended Update Support | kernel | Fixed | RHSA-2024:10262 | 26.11.2024 |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2024:0724 | 07.02.2024 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
EPSS
7 High
CVSS3
Связанные уязвимости
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leadi ...
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.
EPSS
7 High
CVSS3