CVE - CVE-2024-38566

CVE-ID
CVE-2024-38566	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix verifier assumptions about socket->sk The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. That may not be the case when socket was just created and passed to LSM socket_accept hook. Fix this verifier assumption and adjust tests.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e URL:https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e MISC:https://git.kernel.org/stable/c/39f8a29330f433000e716eefc4b9abda05b71a82 URL:https://git.kernel.org/stable/c/39f8a29330f433000e716eefc4b9abda05b71a82 MISC:https://git.kernel.org/stable/c/6f5ae91172a93abac9720ba94edf3ec8f4d7f24f URL:https://git.kernel.org/stable/c/6f5ae91172a93abac9720ba94edf3ec8f4d7f24f MISC:https://git.kernel.org/stable/c/c58ccdd2483a1d990748cdaf94206b5d5986a001 URL:https://git.kernel.org/stable/c/c58ccdd2483a1d990748cdaf94206b5d5986a001
Assigning CNA
kernel.org
Date Record Created
20240618	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240618)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)