CVE-2024-38566

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-38566

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38566.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-38566

Downstream

BELL-CVE-2024-38566

DEBIAN-CVE-2024-38566

OESA-2024-2076

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2973-1

UBUNTU-CVE-2024-38566

USN-6949-1

USN-6949-2

USN-6952-1

USN-6952-2

USN-6955-1

Related

Published

2024-06-19T13:35:33Z

Modified

2025-10-17T07:46:01.210459Z

Summary

bpf: Fix verifier assumptions about socket->sk

Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix verifier assumptions about socket->sk

The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. That may not be the case when socket was just created and passed to LSM socket_accept hook. Fix this verifier assumption and adjust tests.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6fcd486b3a0a628c41f12b3a7329a18a2c74b351

Fixed

39f8a29330f433000e716eefc4b9abda05b71a82

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6fcd486b3a0a628c41f12b3a7329a18a2c74b351

Fixed

6f5ae91172a93abac9720ba94edf3ec8f4d7f24f

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6fcd486b3a0a628c41f12b3a7329a18a2c74b351

Fixed

c58ccdd2483a1d990748cdaf94206b5d5986a001

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

6fcd486b3a0a628c41f12b3a7329a18a2c74b351

Fixed

0db63c0b86e981a1e97d2596d64ceceba1a5470e

Affected versions

v6.*

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.5

v6.5-rc1

v6.5-rc2

v6.5-rc3

v6.5-rc4

v6.5-rc5

v6.5-rc6

v6.5-rc7

v6.6

v6.6-rc1

v6.6-rc2

v6.6-rc3

v6.6-rc4

v6.6-rc5

v6.6-rc6

v6.6-rc7

v6.6.1

v6.6.10

v6.6.11

v6.6.12

v6.6.13

v6.6.14

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.2

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.6.24

v6.6.25

v6.6.26

v6.6.27

v6.6.28

v6.6.29

v6.6.3

v6.6.30

v6.6.31

v6.6.32

v6.6.4

v6.6.5

v6.6.6

v6.6.7

v6.6.8

v6.6.9

v6.7

v6.7-rc1

v6.7-rc2

v6.7-rc3

v6.7-rc4

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.8.1

v6.8.10

v6.8.11

v6.8.2

v6.8.3

v6.8.4

v6.8.5

v6.8.6

v6.8.7

v6.8.8

v6.8.9

v6.9

v6.9-rc1

v6.9-rc2

v6.9-rc3

v6.9-rc4

v6.9-rc5

v6.9-rc6

v6.9-rc7

v6.9.1

v6.9.2

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.4.0

Fixed

6.6.33

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.8.12

Type: ECOSYSTEM
Events: Introduced

6.9.0

Fixed

6.9.3