CVE-2024-38564

bpfprogattach uses attachtypetoprogtype to enforce proper attach type for BPFPROGTYPECGROUPSKB. linkcreate uses bpfprogget and relies on bpfprogattachcheckattachtype to properly verify progtype <> attachtype association.

Add missing attachtype enforcement for the linkcreate case. Otherwise, it's currently possible to attach cgroup_skb prog types to other cgroup hooks.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/cc431b3424123d84bcd7afd4de150b33f117a8ef/cves/2024/38xxx/CVE-2024-38564.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4a1e7c0c63e02daad751842b7880f9bbcdfb6e89

Fixed

6675c541f540a29487a802d3135280b69b9f568d

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4a1e7c0c63e02daad751842b7880f9bbcdfb6e89

Fixed

67929e973f5a347f05fef064fea4ae79e7cdb5fd

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4a1e7c0c63e02daad751842b7880f9bbcdfb6e89

Fixed

b34bbc76651065a5eafad8ddff1eb8d1f8473172

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4a1e7c0c63e02daad751842b7880f9bbcdfb6e89

Fixed

543576ec15b17c0c93301ac8297333c7b6e84ac7

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.10.0

Fixed

6.6.33

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.8.12

Type: ECOSYSTEM
Events: Introduced

6.9.0

Fixed

6.9.3