CVE-2024-56768
MEDIUMLinux Kernel - Use After Free
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_get_smp_processor_id() on !CONFIG_SMP On x86-64 calling bpf_get_smp_processor_id() in a kernel with CONFIG_SMP disabled can trigger the following bug, as pcpu_hot is unavailable: [ 8.471774] BUG: unable to handle page fault for address: 00000000936a290c [ 8.471849] #PF: supervisor read access in kernel mode [ 8.471881] #PF: error_code(0x0000) - not-present page Fix by inlining a return 0 in the !CONFIG_SMP case.
Exploits (1)
github
WRITEUP
by fabrizioperna · cpoc
https://github.com/fabrizioperna/ebpf-verifier-cve-pocs/tree/main/CVE-2024-56768
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
5.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
Status
published
Products (3)
linux/Kernel
6.10.0 - 6.12.8linux
linux/linux_kernel
6.13 rc1 (3 CPE variants)
linux/linux_kernel
6.10 - 6.12.8
Published
Jan 06, 2025
Tracked Since
Feb 18, 2026