跳转到帖子

Red Hat: CVE-2024-2314: bcc: unprivileged users can force loading of compromised linux headers (Multiple Advisories)

recommended_posts

发布于
  • Members

Red Hat: CVE-2024-2314: bcc: unprivileged users can force loading of compromised linux headers (Multiple Advisories)

Severity
1
CVSS
(AV:L/AC:H/Au:S/C:N/I:N/A:P)
Published
03/10/2024
Created
11/07/2024
Added
11/06/2024
Modified
11/13/2024

Description

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

Solution(s)

  • redhat-upgrade-bcc
  • redhat-upgrade-bcc-debuginfo
  • redhat-upgrade-bcc-debugsource
  • redhat-upgrade-bcc-devel
  • redhat-upgrade-bcc-doc
  • redhat-upgrade-bcc-tools
  • redhat-upgrade-bcc-tools-debuginfo
  • redhat-upgrade-libbpf-tools
  • redhat-upgrade-libbpf-tools-debuginfo
  • redhat-upgrade-python3-bcc

References

  • CVE-2024-2314
  • RHSA-2024:8831
  • RHSA-2024:9187
  • 查看数 704
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。

游客
回帖…