CVE-2024-35903 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for the CALL instruction if `x86_call_depth_emit_accounting` emits code. Otherwise we will skip some instructions and most likely crash.

PUBLISHED Reserved 2024-05-17 | Published 2024-05-19 | Updated 2025-05-04 | Assigner Linux

Product status

Default status

unaffected

b2e9dfe54be4d023124d588d6f03d16a9c0d2507 (git) before 3f9d57c771656bfd651e22edcfdb5f60e62542d4

affected

b2e9dfe54be4d023124d588d6f03d16a9c0d2507 (git) before 81166178cf0a0062a22b1b3b5368183d39577028

affected

b2e9dfe54be4d023124d588d6f03d16a9c0d2507 (git) before 9d98aa088386aee3db1b7b60b800c0fde0654a4a

affected

Default status

affected

6.2

affected

Any version before 6.2

unaffected

6.6.26 (semver)

unaffected

6.8.5 (semver)

unaffected

6.9 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/3f9d57c771656bfd651e22edcfdb5f60e62542d4

git.kernel.org/...c/81166178cf0a0062a22b1b3b5368183d39577028

git.kernel.org/...c/9d98aa088386aee3db1b7b60b800c0fde0654a4a

cve.org (CVE-2024-35903)

nvd.nist.gov (CVE-2024-35903)

Download JSON

help @ threatint.eu