CVE-2024-56768

MEDIUM

Linux Kernel 6.10-6.12.8 - Denial of Service via bpf_get_smp_processor_id() on !CONFIG_SMP

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-56768. PoCs published by fabrizioperna.

AI-analyzed exploit summary This repository contains a detailed technical analysis and breakdown of the CVE-2018-18445 vulnerability in the eBPF verifier, including explanations of BPF instruction macros and utility functions. It provides a comprehensive guide to understanding the exploit but does not include functional exploit code for CVE-2024-56768.

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_get_smp_processor_id() on !CONFIG_SMP On x86-64 calling bpf_get_smp_processor_id() in a kernel with CONFIG_SMP disabled can trigger the following bug, as pcpu_hot is unavailable: [ 8.471774] BUG: unable to handle page fault for address: 00000000936a290c [ 8.471849] #PF: supervisor read access in kernel mode [ 8.471881] #PF: error_code(0x0000) - not-present page Fix by inlining a return 0 in the !CONFIG_SMP case.

Exploits (1)

github WRITEUP

by fabrizioperna · cpoc

https://github.com/fabrizioperna/ebpf-verifier-cve-pocs/tree/main/CVE-2024-56768

View Code ZIP pw:eip

This repository contains a detailed technical analysis and breakdown of the CVE-2018-18445 vulnerability in the eBPF verifier, including explanations of BPF instruction macros and utility functions. It provides a comprehensive guide to understanding the exploit but does not include functional exploit code for CVE-2024-56768.

Classification

Writeup 95%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Linux Kernel eBPF verifier

No auth needed

Prerequisites: Ubuntu MATE 18.04.1 environment · gcc compiler

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/f4ab7d74247b0150547cf909b3f6f24ee85183df

Patch

https://git.kernel.org/stable/c/23579010cf0a12476e96a5f1acdf78a9c5843657

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 10.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (9)

linux/Kernel 6.10.0 - 6.12.8linux

Linux/Linux < 6.10

Linux/Linux 1ae6921009e5d72787e07ccc04754514ccf6bc99 - 23579010cf0a12476e96a5f1acdf78a9c5843657

Linux/Linux 1ae6921009e5d72787e07ccc04754514ccf6bc99 - f4ab7d74247b0150547cf909b3f6f24ee85183df

Linux/Linux 6.10

Linux/Linux 6.12.8 - 6.12.*

Linux/Linux 6.13

linux/linux_kernel 6.13 rc1 (3 CPE variants)

linux/linux_kernel 6.10 - 6.12.8

Published Jan 06, 2025

Tracked Since Feb 18, 2026