CVE-2024-36481 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: fix error check in parse_btf_field() btf_find_struct_member() might return NULL or an error via the ERR_PTR() macro. However, its caller in parse_btf_field() only checks for the NULL condition. Fix this by using IS_ERR() and returning the error up the stack.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.10.0:rc1::::::

References

Link	Resource
https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0	Mailing List Patch
https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a	Mailing List Patch
https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb	Mailing List Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Linux

Published: 2024-06-21T11:18:47.482Z

Updated: 2024-06-21T11:18:47.482Z

Reserved: 2024-06-21T11:16:40.616Z

Link: CVE-2024-36481

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-06-21T12:15:11.110

Modified: 2024-06-24T18:35:33.157

Link: CVE-2024-36481

JSON object: View

Redhat Information

No data.

CWE

CWE-754

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-36481", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-21T11:16:40.616Z", "datePublished": "2024-06-21T11:18:47.482Z", "dateUpdated": "2024-06-21T11:18:47.482Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-21T11:18:47.482Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/probes: fix error check in parse_btf_field()\n\nbtf_find_struct_member() might return NULL or an error via the\nERR_PTR() macro. However, its caller in parse_btf_field() only checks\nfor the NULL condition. Fix this by using IS_ERR() and returning the\nerror up the stack."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/trace/trace_probe.c"], "versions": [{"version": "c440adfbe302", "lessThan": "ad4b202da2c4", "status": "affected", "versionType": "git"}, {"version": "c440adfbe302", "lessThan": "4ed468edfeb5", "status": "affected", "versionType": "git"}, {"version": "c440adfbe302", "lessThan": "e569eb349702", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["kernel/trace/trace_probe.c"], "versions": [{"version": "6.6", "status": "affected"}, {"version": "0", "lessThan": "6.6", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.33", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9.4", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.10-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a"}, {"url": "https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0"}, {"url": "https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb"}], "title": "tracing/probes: fix error check in parse_btf_field()", "x_generator": {"engine": "bippy-7d53e8ef8be4"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D42A7C6-CE38-4D73-B7AC-615F6D53F783", "versionEndExcluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6277DEEA-F81C-4E0A-A6D8-AC6163A00A7D", "versionEndExcluding": "6.6.33", "versionStartIncluding": "6.6.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE", "versionEndExcluding": "6.9.4", "versionStartIncluding": "6.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/probes: fix error check in parse_btf_field()\n\nbtf_find_struct_member() might return NULL or an error via the\nERR_PTR() macro. However, its caller in parse_btf_field() only checks\nfor the NULL condition. Fix this by using IS_ERR() and returning the\nerror up the stack."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: rastreo/sondas: correcci\u00f3n de verificaci\u00f3n de errores en parse_btf_field() btf_find_struct_member() puede devolver NULL o un error a trav\u00e9s de la macro ERR_PTR(). Sin embargo, su llamador en parse_btf_field() solo verifica la condici\u00f3n NULL. Solucione este problema usando IS_ERR() y devolviendo el error en la pila."}], "id": "CVE-2024-36481", "lastModified": "2024-06-24T18:35:33.157", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-21T12:15:11.110", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/4ed468edfeb54c7202e559eba74c25fac6a0dad0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/ad4b202da2c498fefb69e5d87f67b946e7fe1e6a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/e569eb34970281438e2b48a3ef11c87459fcfbcb"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}