We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-35903

x86/bpf: Fix IP after emitting call depth accounting



AssignerLinux
Reserved2024-05-17
Published2024-05-19
Updated2024-10-29

Description

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for the CALL instruction if `x86_call_depth_emit_accounting` emits code. Otherwise we will skip some instructions and most likely crash.

Product status

Default status
unaffected

b2e9dfe54be4 before 3f9d57c77165
affected

b2e9dfe54be4 before 81166178cf0a
affected

b2e9dfe54be4 before 9d98aa088386
affected

Default status
affected

6.2
affected

Any version before 6.2
unaffected

6.6.26
unaffected

6.8.5
unaffected

6.9
unaffected

References

https://git.kernel.org/stable/c/3f9d57c771656bfd651e22edcfdb5f60e62542d4

https://git.kernel.org/stable/c/81166178cf0a0062a22b1b3b5368183d39577028

https://git.kernel.org/stable/c/9d98aa088386aee3db1b7b60b800c0fde0654a4a

cve.org CVE-2024-35903

nvd.nist.gov CVE-2024-35903

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.