Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Check bloom filter map value size This patch adds a missing check to bloom filter creating, rejecting values above KMALLOC_MAX_SIZE. This brings the bloom map in line with many other map types. The lack of this protection can cause kernel crashes for value sizes that overflow int's. Such a crash was caught by syzkaller. The next patch adds more guard-rails at a lower level.

INFO

Published Date :

2024-05-30T15:29:13.904Z

Last Modified :

2025-05-04T09:12:03.871Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-36918 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-36918.

URL Resource
https://git.kernel.org/stable/c/608e13706c8b6c658a0646f09ebced74ec367f7c cve-icon cve-icon
https://git.kernel.org/stable/c/a8d89feba7e54e691ca7c4efc2a6264fa83f3687 cve-icon cve-icon
https://git.kernel.org/stable/c/c418afb9bf23e2f2b76cb819601e4a5d9dbab42d cve-icon cve-icon
https://git.kernel.org/stable/c/fa6995eeb62e74b5a1480c73fb7b420c270784d3 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024053039-CVE-2024-36918-f8bc@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-36918 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-36918 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact