CVE-2024-38566

MEDIUM

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix verifier assumptions about socket->sk The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. That may not be the case when socket was just created and passed to LSM socket_accept hook. Fix this verifier assumption and adjust tests.

Exploits (1)

github WORKING POC

by fabrizioperna · cpoc

https://github.com/fabrizioperna/ebpf-verifier-cve-pocs/tree/main/CVE-2024-38566

View Code ZIP pw:eip

References (4)

[Patch] https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e

[Patch] https://git.kernel.org/stable/c/39f8a29330f433000e716eefc4b9abda05b71a82

[Patch] https://git.kernel.org/stable/c/6f5ae91172a93abac9720ba94edf3ec8f4d7f24f

[Patch] https://git.kernel.org/stable/c/c58ccdd2483a1d990748cdaf94206b5d5986a001

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

Status published

Products (4)

linux/Kernel 6.4.0 - 6.6.33linux

linux/Kernel 6.7.0 - 6.8.12linux

linux/Kernel 6.9.0 - 6.9.3linux

linux/linux_kernel 6.4 - 6.6.33

Published Jun 19, 2024

Tracked Since Feb 18, 2026