CVE-2024-36964

MEDIUM

Linux kernel - Privilege Escalation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set (among others) the suid bit. This was presumably not the intent since the unix extended bits are handled explicitly and conditionally on .u.

References (9)

Core 9

Core References

Mailing List, Third Party Advisory

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Patch

https://git.kernel.org/stable/c/e90bc596a74bb905e0a45bf346038c3f9d1e868d

Patch

https://git.kernel.org/stable/c/df1962a199783ecd66734d563caf0fedecf08f96

Patch

https://git.kernel.org/stable/c/5a605930e19f451294bd838754f7d66c976a8a2c

Patch

https://git.kernel.org/stable/c/ad4f65328661392de74e3608bb736fedf3b67e32

Patch

https://git.kernel.org/stable/c/ca9b5c81f0c918c63d73d962ed8a8e231f840bc8

Patch

https://git.kernel.org/stable/c/e55c601af3b1223a84f9f27f9cdbd2af5e203bf3

Patch

https://git.kernel.org/stable/c/157d468e34fdd3cb1ddc07c2be32fb3b02826b02

Patch

https://git.kernel.org/stable/c/cd25e15e57e68a6b18dc9323047fe9c68b99290b

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 6.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (30)

debian/debian_linux 10.0

linux/Kernel 3.1.0 - 4.19.314linux

linux/Kernel 4.20.0 - 5.4.276linux

linux/Kernel 5.11.0 - 5.15.159linux

linux/Kernel 5.16.0 - 6.1.91linux

linux/Kernel 5.5.0 - 5.10.217linux

linux/Kernel 6.2.0 - 6.6.31linux

linux/Kernel 6.7.0 - 6.8.10linux

Linux/Linux < 3.1

Linux/Linux 29a3e8657d2a2640384166e3fe29a086d235fc33

... and 20 more

Published Jun 03, 2024

Tracked Since Feb 18, 2026