CVE-2024-36918

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-36918
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-36918.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-36918
Published
2024-05-30T16:15:15Z
Modified
2025-09-17T22:18:22Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Check bloom filter map value size

This patch adds a missing check to bloom filter creation, rejecting values above KMALLOC_MAX_SIZE. This brings the bloom map in line with many other map types.

The lack of this protection can cause kernel crashes for value sizes that overflow ints. Such a crash was caught by syzkaller. The next patch adds more guard-rails at a lower level.

References

Affected packages