2.8 LOW
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): HIGH
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
If kernel headers need to be extracted, bcc will attempt …
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
References
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 x_transferred patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking x_transferred
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 x_transferred patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking x_transferred
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking
- https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 x_transferred patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking x_transferred
Affected products
- <008ea09e891194c072f2a9305a3c872a241dc342
Matching in nixpkgs
pkgs.libccd
Library for collision detection between two convex shapes
-
nixos-unstable -
- nixpkgs-unstable 2.1
pkgs.doom-bcc
Compiler for Doom/Hexen scripts (ACS, BCS)
-
nixos-unstable -
- nixpkgs-unstable 2018-01-04
pkgs.linuxPackages.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxPackages_zen.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.python312Packages.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.python313Packages.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxPackages-libre.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxPackages_latest.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxPackages_xanmod.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxKernel.packages.linux_6_6.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxKernel.packages.linux_lqx.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxKernel.packages.linux_5_10.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxKernel.packages.linux_6_16.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxKernel.packages.linux_xanmod.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
pkgs.linuxKernel.packages.linux_6_12_hardened.bcc
Dynamic Tracing Tools for Linux
-
nixos-unstable -
- nixpkgs-unstable 0.35.0
Package maintainers
-
@ryan4yin Ryan Yin <xiaoyin_c@qq.com>
-
@thoughtpolice Austin Seipp <aseipp@pobox.com>
-
@martinetd Dominique Martinet <f.ktfhrvnznqxacf@noclue.notk.org>
-
@ragnard Ragnar Dahlen <r.dahlen@gmail.com>
-
@Mic92 Jörg Thalheim <joerg@thalheim.io>
-
@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>