We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-2314



Description

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

Reserved 2024-03-07 | Published 2024-03-10 | Updated 2024-10-30 | Assigner canonical


LOW: 2.8CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

Product status

Any version before 008ea09e891194c072f2a9305a3c872a241dc342
affected

Credits

Mark Esler finder

Seth Arnold analyst

Brendan Gregg remediation developer

References

github.com/...ommit/008ea09e891194c072f2a9305a3c872a241dc342 patch

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 issue-tracking

cve.org (CVE-2024-2314)

nvd.nist.gov (CVE-2024-2314)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-2314

Support options

Helpdesk Chat, Email, Knowledgebase