Description

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. This may cause a heap buffer overflow if the heap address is tagged because emit_a64_mov_i64() will emit longer code than it did during the size calculation pass. The same problem could occur without tag-based KASAN if one of the 16-bit words of the stack address happened to be all-ones during the size calculation pass. Fix the problem by assuming the worst case (4 instructions) when calculating the size of the bpf_tramp_image address emission.

INFO

Published Date :

2024-11-08T06:07:54.207Z

Last Modified :

2025-05-22T12:39:47.050Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50203 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50203.

URL Resource
https://git.kernel.org/stable/c/7db1a2121f3c7903b8e397392beec563c3d00950 cve-icon cve-icon
https://git.kernel.org/stable/c/9e80f366ebfdfafc685fe83a84c34f7ef01cbe88 cve-icon cve-icon
https://git.kernel.org/stable/c/a552e2ef5fd1a6c78267cd4ec5a9b49aa11bbb1c cve-icon cve-icon
https://git.kernel.org/stable/c/f521c2a0c0c4585f36d912bf62c852b88682c4f2 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024110803-CVE-2024-50203-ca2d@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50203 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50203 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact