What is the severity of CVE-2024-47728?

CVE-2024-47728 has been rated as a significant issue due to potential impacts on system security.

How do I fix CVE-2024-47728?

To mitigate CVE-2024-47728, update your Linux kernel to the latest available version that contains the patch.

Which Linux kernel versions are affected by CVE-2024-47728?

CVE-2024-47728 affects Linux kernel versions from 5.2 up to 6.1.113 and various versions between 6.2 and 6.11.2.

What kind of vulnerability is CVE-2024-47728?

CVE-2024-47728 is a vulnerability in the BPF subsystem of the Linux kernel that affects error handling.

Is CVE-2024-47728 a remote or local vulnerability?

CVE-2024-47728 is a local vulnerability that requires access to the system to exploit.

Vulnerability/
CVE-2024-47728

medium

5.5

CWE

459

21/10/2024

19/12/2024

CVE-2024-47728: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error

First published: Mon Oct 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, it is not needed given CAP_PERFMON can already read all kernel memory anyway hence bpf_get_func_arg() and bpf_get_func_ret() is skipped in here. Also, the MTU helpers mtu_len pointer value is being written but also read. Technically, the MEM_UNINIT should not be there in order to always force init. Removing MEM_UNINIT needs more verifier rework though: MEM_UNINIT right now implies two things actually: i) write into memory, ii) memory does not have to be initialized. If we lift MEM_UNINIT, it then becomes: i) read into memory, ii) memory must be initialized. This means that for bpf_*_check_mtu() we're readding the issue we're trying to fix, that is, it would then be able to write back into things like .rodata BPF maps. Follow-up work will rework the MEM_UNINIT semantics such that the intent can be better expressed. For now just clear the *mtu_len on error path which can be lifted later again.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel	>=5.2<6.1.113
Linux Kernel	>=6.2<6.6.54
Linux Kernel	>=6.7<6.10.13
Linux Kernel	>=6.11<6.11.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-47728?
CVE-2024-47728 has been rated as a significant issue due to potential impacts on system security.
How do I fix CVE-2024-47728?
To mitigate CVE-2024-47728, update your Linux kernel to the latest available version that contains the patch.
Which Linux kernel versions are affected by CVE-2024-47728?
CVE-2024-47728 affects Linux kernel versions from 5.2 up to 6.1.113 and various versions between 6.2 and 6.11.2.
What kind of vulnerability is CVE-2024-47728?
CVE-2024-47728 is a vulnerability in the BPF subsystem of the Linux kernel that affects error handling.
Is CVE-2024-47728 a remote or local vulnerability?
CVE-2024-47728 is a local vulnerability that requires access to the system to exploit.

agent/title
agent/references
agent/type
agent/description
agent/first-publish-date
agent/author
agent/event
agent/severity
agent/remedy
agent/softwarecombine
agent/weakness
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/5.2
version/linux kernel/6.2
version/linux kernel/6.7
version/linux kernel/6.11

Frequently Asked Questions

What is the severity of CVE-2024-47728?
CVE-2024-47728 has been rated as a significant issue due to potential impacts on system security.
How do I fix CVE-2024-47728?
To mitigate CVE-2024-47728, update your Linux kernel to the latest available version that contains the patch.
Which Linux kernel versions are affected by CVE-2024-47728?
CVE-2024-47728 affects Linux kernel versions from 5.2 up to 6.1.113 and various versions between 6.2 and 6.11.2.
What kind of vulnerability is CVE-2024-47728?
CVE-2024-47728 is a vulnerability in the BPF subsystem of the Linux kernel that affects error handling.
Is CVE-2024-47728 a remote or local vulnerability?
CVE-2024-47728 is a local vulnerability that requires access to the system to exploit.

CVE-2024-47728: bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2024-47728?

How do I fix CVE-2024-47728?

Which Linux kernel versions are affected by CVE-2024-47728?

What kind of vulnerability is CVE-2024-47728?

Is CVE-2024-47728 a remote or local vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2024-47728?

How do I fix CVE-2024-47728?

Which Linux kernel versions are affected by CVE-2024-47728?

What kind of vulnerability is CVE-2024-47728?

Is CVE-2024-47728 a remote or local vulnerability?