Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Check validity of link->type in bpf_link_show_fdinfo() If a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing bpf_link_type_strs[link->type] may result in an out-of-bounds access. To spot such missed invocations early in the future, checking the validity of link->type in bpf_link_show_fdinfo() and emitting a warning when such invocations are missed.

INFO

Published Date :

2024-11-25T21:21:27.691Z

Last Modified :

2025-11-03T20:45:50.627Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53099 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53099.

URL Resource
https://git.kernel.org/stable/c/24fec234d2ba9ca3c14e545ebe3fd6dcb47f074d cve-icon cve-icon
https://git.kernel.org/stable/c/4e8074bb33d18f56af30a0252cb3606d27eb1c13 cve-icon cve-icon
https://git.kernel.org/stable/c/79f87a6ec39fb5968049a6775a528bf58b25c20a cve-icon cve-icon
https://git.kernel.org/stable/c/8421d4c8762bd022cb491f2f0f7019ef51b4f0a7 cve-icon cve-icon
https://git.kernel.org/stable/c/b3eb1b6a9f745d6941b345f0fae014dc8bb06d36 cve-icon cve-icon
https://git.kernel.org/stable/c/d5092b0a1aaf35d77ebd8d33384d7930bec5cb5d cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html cve-icon
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html cve-icon
https://lore.kernel.org/linux-cve-announce/2024112506-CVE-2024-53099-e454@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-53099 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-53099 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact