CVE-2024-38662
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-38662
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-38662.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-38662
- Downstream
- Related
- Published
- 2024-06-21T11:15:12.202Z
- Modified
- 2025-11-28T02:35:49.704903Z
- Summary
- bpf: Allow delete from sockmap/sockhash only if update is allowed
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bpf: Allow delete from sockmap/sockhash only if update is allowed
We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash.
We don't intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map.
From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38662.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1
- https://git.kernel.org/stable/c/11e8ecc5b86037fec43d07b1c162e233e131b1d9
- https://git.kernel.org/stable/c/29467edc23818dc5a33042ffb4920b49b090e63d
- https://git.kernel.org/stable/c/6693b172f008846811f48a099f33effc26068e1e
- https://git.kernel.org/stable/c/98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d
- https://git.kernel.org/stable/c/b81e1c5a3c70398cf76631ede63a03616ed1ba3c
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/38xxx/CVE-2024-38662.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-38662
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceddd54b48db0c822ae7b520bc80751f0a0a173ef75Fixed29467edc23818dc5a33042ffb4920b49b090e63d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedd1e73fb19a4c872d7a399ad3c66e8ca30e0875ecFixed11e8ecc5b86037fec43d07b1c162e233e131b1d9
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda44770fed86515eedb5a7c00b787f847ebb134a5Fixed6693b172f008846811f48a099f33effc26068e1e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced668b3074aa14829e2ac2759799537a93b60fef86Fixed000a65bf1dc04fb2b65e2abf116f0bc0fc2ee7b1
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedff91059932401894e6c86341915615c5eb0eca48Fixedb81e1c5a3c70398cf76631ede63a03616ed1ba3cFixed98e948fb60d41447fd8d2d0c3b8637fc6b6dc26d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedf7990498b05ac41f7d6a190dc0418ef1d21bf058Last affected6af057ccdd8e7619960aca1f0428339f213b31cd
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.219
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.161
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.93
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.33
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.9.4