CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write
First published: Mon Jan 06 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | >=2.6.29<6.1.123 | |
| Linux Kernel | >=6.2<6.6.69 | |
| Linux Kernel | >=6.7<6.12.8 | |
| Linux Kernel | =6.13-rc1 | |
| Linux Kernel | =6.13-rc2 | |
| Linux Kernel | =6.13-rc3 | |
| Linux Kernel | =6.13-rc4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/3d15f4c2449558ffe83b4dba30614ef1cd6937c3
- https://git.kernel.org/stable/c/03041e474a6a8f1bfd4b96b164bb3165c48fa1a3
- https://git.kernel.org/stable/c/1cca920af19df5dd91254e5ff35e68e911683706
- https://git.kernel.org/stable/c/98feccbf32cfdde8c722bc4587aaa60ee5ac33f0
- https://git.kernel.org/stable/c/2558d753df0628d4187d8e1fd989339460f4f364
- https://git.kernel.org/stable/c/f60172b447317cb6c5e74b5601a151866269baf6
Frequently Asked Questions
What is the severity of CVE-2024-56763?
The severity of CVE-2024-56763 is classified as a medium risk due to the potential for causing incorrect behavior in the tracing process.
How do I fix CVE-2024-56763?
To fix CVE-2024-56763, update the Linux kernel to a version that is not affected, specifically versions later than 6.1.123 or 6.2 and later than 6.7, or any version after 6.13-rc4.
Which versions of the Linux kernel are affected by CVE-2024-56763?
CVE-2024-56763 affects Linux kernel versions from 2.6.29 up to 6.1.123, from 6.2 up to 6.6.69, from 6.7 up to 6.12.8, and specific 6.13 release candidates.
What does CVE-2024-56763 exploit?
CVE-2024-56763 exploits a vulnerability in the tracing subsystem, which could result in warnings when a large count is provided during bitmap parsing.
Is there a patch available for CVE-2024-56763?
Yes, patches addressing CVE-2024-56763 have been implemented in newer kernel releases that users should apply.
- agent/title
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/event
- agent/severity
- agent/remedy
- agent/softwarecombine
- agent/references
- agent/source
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- version/linux kernel/2.6.29
- version/linux kernel/6.2
- version/linux kernel/6.7
- version/linux kernel/6.13-rc1
- version/linux kernel/6.13-rc2
- version/linux kernel/6.13-rc3
- version/linux kernel/6.13-rc4