high
7.8
CWE
190 129
EPSS
0.044%
Advisory Published
CVE Published
Updated

CVE-2024-35905: bpf: Protect against int overflow for stack access size

First published: Sun May 19 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size The Linux kernel CVE team has assigned <a href="https://access.redhat.com/security/cve/CVE-2024-35905">CVE-2024-35905</a> to this issue. Upstream advisory: <a href="https://lore.kernel.org/linux-cve-announce/2024051954-CVE-2024-35905-d079@gregkh/T">https://lore.kernel.org/linux-cve-announce/2024051954-CVE-2024-35905-d079@gregkh/T</a>

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
redhat/kernel<5.10.215
5.10.215
redhat/kernel<5.15.154
5.15.154
redhat/kernel<6.1.85
6.1.85
redhat/kernel<6.6.26
6.6.26
redhat/kernel<6.8.5
6.8.5
redhat/kernel<6.9
6.9
Linux Kernel>=5.10.209<5.10.215
Linux Kernel>=5.15.148<5.15.154
Linux Kernel>=6.1.75<6.1.85
Linux Kernel>=6.6.14<6.6.26
Linux Kernel>=6.7.2<6.8.5
Linux Kernel=6.9-rc1
Debian Linux=10.0
debian/linux
5.10.223-1
5.10.234-1
6.1.129-1
6.1.133-1
6.12.22-1

Remedy

https://git.kernel.org/stable/c/203a68151e8eeb331d4a64ab78303f3a15faf103

Remedy

https://git.kernel.org/stable/c/37dc1718dc0c4392dbfcb9adec22a776e745dd69

Remedy

https://git.kernel.org/stable/c/3f0784b2f1eb9147973d8c43ba085c5fdf44ff69

Remedy

https://git.kernel.org/stable/c/98cdac206b112bec63852e94802791e316acc2c1

Remedy

https://git.kernel.org/stable/c/9970e059af471478455f9534e8c3db82f8c5496d

Remedy

https://git.kernel.org/stable/c/ecc6a2101840177e57c925c102d2d29f260d37c8

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-35905?

    CVE-2024-35905 has been classified with a high severity due to the potential for integer overflow leading to stack corruption.

  • How do I fix CVE-2024-35905?

    To fix CVE-2024-35905, you need to upgrade the kernel to version 5.10.215, 5.15.154, 6.1.85, 6.6.26, 6.8.5, or 6.9.

  • Which systems are affected by CVE-2024-35905?

    CVE-2024-35905 affects multiple versions of the Linux kernel, specifically those below the indicated patched versions.

  • What vulnerabilities does CVE-2024-35905 address?

    CVE-2024-35905 addresses an integer overflow vulnerability that can occur during stack access size operations in the Linux kernel.

  • Is there a workaround for CVE-2024-35905?

    There is no official workaround for CVE-2024-35905; patching is strongly recommended to mitigate any security risks.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203