CVE-2024-50203
Published Nov 8, 2024
Last updated 9 days ago
Overview
- Description
- In the Linux kernel, the following vulnerability has been resolved:
  bpf, arm64: Fix address emission with tag-based KASAN enabled
  When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. This may cause a heap buffer overflow if the heap address is tagged because emit_a64_mov_i64() will emit longer code than it did during the size calculation pass. The same problem could occur without tag-based KASAN if one of the 16-bit words of the stack address happened to be all-ones during the size calculation pass.
  Fix the problem by assuming the worst case (4 instructions) when calculating the size of the bpf_tramp_image address emission.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Awaiting Analysis
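The size mismatch in the description, as an added user-space example (not kernel code and not part of the original record). It assumes the usual arm64 MOVZ/MOVN plus MOVK way of building a 64-bit immediate; the function names and all sample addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model, not kernel code. Assumption: a 64-bit
 * immediate is built with one MOVZ/MOVN plus one MOVK per remaining 16-bit
 * word that differs from the filler (0x0000 or 0xffff), minimum one insn. */
static int mov_i64_insns(uint64_t val)
{
    int nonzero = 0, nonones = 0;

    for (int shift = 0; shift < 64; shift += 16) {
        uint16_t w = (uint16_t)(val >> shift);
        nonzero += (w != 0x0000);
        nonones += (w != 0xffff);
    }
    int n = nonzero < nonones ? nonzero : nonones;
    return n ? n : 1;
}

#define WORST_CASE_INSNS 4 /* reservation the fix uses, per the description */

/* Instructions emitted beyond what the size pass reserved (4 bytes each). */
static int overrun_insns(int reserved, uint64_t emitted_addr)
{
    int need = mov_i64_insns(emitted_addr);
    return need > reserved ? need - reserved : 0;
}

/* Constructed sample addresses, not taken from a real system. */
static const uint64_t STACK_ADDR      = 0xffff800080a1bc40ULL;
static const uint64_t STACK_ADDR_ONES = 0xffff8000ffffbc40ULL; /* all-ones word */
static const uint64_t HEAP_ADDR       = 0xffff000812345678ULL;
static const uint64_t HEAP_ADDR_TAG   = 0xf4ff000812345678ULL; /* tagged top byte */

int main(void)
{
    printf("size pass (stack): %d insns, emit (tagged heap): %d insns\n",
           mov_i64_insns(STACK_ADDR), mov_i64_insns(HEAP_ADDR_TAG));
    printf("overrun, tagged heap:      %d insn(s)\n",
           overrun_insns(mov_i64_insns(STACK_ADDR), HEAP_ADDR_TAG));
    printf("overrun, all-ones stack:   %d insn(s)\n",
           overrun_insns(mov_i64_insns(STACK_ADDR_ONES), HEAP_ADDR));
    printf("overrun, worst-case fix:   %d insn(s)\n",
           overrun_insns(WORST_CASE_INSNS, HEAP_ADDR_TAG));
    return 0;
}
```

A tag in the top byte removes the all-ones word that MOVN would otherwise cover in a single instruction, so the emitted sequence grows from three instructions to four.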
Social media
CVE-2024-50203 Heap Buffer Overflow Fix in Linux Kernel's BPF with KASAN In the Linux kernel, a vulnerability has been fixed: This issue is with bpf and arm64 when tag-based KASAN is on. If BPF_TRAMP_F_CALL_ORIG... https://t.co/pri4tGXJxD
@VulmonFeeds
8 Nov 2024
CVE-2024-50203 In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enab… https://t.co/ONFuwosgRb
@CVEnew
8 Nov 2024