CVE-2024-38564
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-38564
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38564.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38564
- Downstream
- Related
- Published
- 2024-06-19T13:35:32Z
- Modified
- 2025-10-17T07:10:32.873935Z
- Summary
- bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in BPFLINKCREATE
bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on bpfprogattachcheckattachtype to properly verify progtype <> attachtype association.
Add missing attachtype enforcement for the linkcreate case. Otherwise, it's currently possible to attach cgroup_skb prog types to other cgroup hooks.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/543576ec15b17c0c93301ac8297333c7b6e84ac7
- https://git.kernel.org/stable/c/6675c541f540a29487a802d3135280b69b9f568d
- https://git.kernel.org/stable/c/67929e973f5a347f05fef064fea4ae79e7cdb5fd
- https://git.kernel.org/stable/c/b34bbc76651065a5eafad8ddff1eb8d1f8473172
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4a1e7c0c63e02daad751842b7880f9bbcdfb6e89Fixed6675c541f540a29487a802d3135280b69b9f568d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4a1e7c0c63e02daad751842b7880f9bbcdfb6e89Fixed67929e973f5a347f05fef064fea4ae79e7cdb5fd
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4a1e7c0c63e02daad751842b7880f9bbcdfb6e89Fixedb34bbc76651065a5eafad8ddff1eb8d1f8473172
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4a1e7c0c63e02daad751842b7880f9bbcdfb6e89Fixed543576ec15b17c0c93301ac8297333c7b6e84ac7
Affected versions
v5.*
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.9
v5.9-rc7
v5.9-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1
v6.8.10
v6.8.11
v6.8.2
v6.8.3
v6.8.4
v6.8.5
v6.8.6
v6.8.7
v6.8.8
v6.8.9
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"id": "CVE-2024-38564-04630372",
"target": {
"function": "bpf_prog_attach_check_attach_type",
"file": "kernel/bpf/syscall.c"
},
"digest": {
"function_hash": "294936011438696480310284337701446413029",
"length": 1437.0
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67929e973f5a347f05fef064fea4ae79e7cdb5fd",
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-38564-53eb25fa",
"target": {
"function": "bpf_prog_attach_check_attach_type",
"file": "kernel/bpf/syscall.c"
},
"digest": {
"function_hash": "281177874041791869604630415900310692282",
"length": 1378.0
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6675c541f540a29487a802d3135280b69b9f568d",
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-38564-95a91df2",
"target": {
"file": "kernel/bpf/syscall.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"74172619154385478876608202981709040498",
"183765898721339404822397616194637332602",
"275567208005376926413895402625097641906",
"85987197896138574305970202143157904227"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6675c541f540a29487a802d3135280b69b9f568d",
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-38564-9cf0c665",
"target": {
"function": "bpf_prog_attach_check_attach_type",
"file": "kernel/bpf/syscall.c"
},
"digest": {
"function_hash": "29510205887827007174669578628716007035",
"length": 1461.0
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b34bbc76651065a5eafad8ddff1eb8d1f8473172",
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-38564-a6a95746",
"target": {
"file": "kernel/bpf/syscall.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"319342118362474736111748647364077406721",
"162591265303814915168418951409298796161",
"206429450761896363294680891293846249253",
"85987197896138574305970202143157904227"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@543576ec15b17c0c93301ac8297333c7b6e84ac7",
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-38564-c5b5e564",
"target": {
"file": "kernel/bpf/syscall.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"319342118362474736111748647364077406721",
"162591265303814915168418951409298796161",
"206429450761896363294680891293846249253",
"85987197896138574305970202143157904227"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b34bbc76651065a5eafad8ddff1eb8d1f8473172",
"deprecated": false
},
{
"signature_type": "Function",
"id": "CVE-2024-38564-d913495a",
"target": {
"function": "bpf_prog_attach_check_attach_type",
"file": "kernel/bpf/syscall.c"
},
"digest": {
"function_hash": "29510205887827007174669578628716007035",
"length": 1461.0
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@543576ec15b17c0c93301ac8297333c7b6e84ac7",
"deprecated": false
},
{
"signature_type": "Line",
"id": "CVE-2024-38564-de0bf818",
"target": {
"file": "kernel/bpf/syscall.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"74172619154385478876608202981709040498",
"183765898721339404822397616194637332602",
"275567208005376926413895402625097641906",
"85987197896138574305970202143157904227"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67929e973f5a347f05fef064fea4ae79e7cdb5fd",
"deprecated": false
}
]