Untriaged
Permalink
CVE-2024-2313
2.8 LOW
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): HIGH
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): CHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
If kernel headers need to be extracted, bpftrace will attempt …
If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
References
- https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
- https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
- https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… x_transferred patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking x_transferred
- https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
- https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… x_transferred patch
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking x_transferred
Affected products
bpftrace
- <v0.20.2
Matching in nixpkgs
pkgs.linuxPackages.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxPackages_zen.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxPackages-libre.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxPackages_latest.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxPackages_xanmod.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxKernel.packages.linux_6_6.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxKernel.packages.linux_lqx.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxKernel.packages.linux_5_10.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxKernel.packages.linux_6_16.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxKernel.packages.linux_xanmod.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
pkgs.linuxKernel.packages.linux_6_12_hardened.bpftrace
High-level tracing language for Linux eBPF
-
nixos-unstable -
- nixpkgs-unstable 0.23.5
Package maintainers
-
@thoughtpolice Austin Seipp <aseipp@pobox.com>
-
@martinetd Dominique Martinet <f.ktfhrvnznqxacf@noclue.notk.org>
-
@mfrw Muhammad Falak R Wani <falakreyaz@gmail.com>
-
@illustris Harikrishnan R <me@illustris.tech>
-
@rvl Rodney Lorrimar <dev+nix@rodney.id.au>