CVE-2024-50132

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-50132
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50132.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-50132
Published
2024-11-05T17:10:57Z
Modified
2025-10-17T16:06:13.852934Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
tracing/probes: Fix MAX_TRACE_ARGS limit handling
Details

In the Linux kernel, the following vulnerability has been resolved:

tracing/probes: Fix MAX_TRACE_ARGS limit handling

When creating a trace_probe we would set nr_args prior to truncating the arguments to MAX_TRACE_ARGS. However, we would only initialize arguments up to the limit.

This caused invalid memory access when attempting to set up probes with more than 128 fetchargs.

  BUG: kernel NULL pointer dereference, address: 0000000000000020
  #PF: supervisor read access in kernel mode
  #PF: error_code(0x0000) - not-present page
  PGD 0 P4D 0
  Oops: Oops: 0000 [#1] PREEMPT SMP PTI
  CPU: 0 UID: 0 PID: 1769 Comm: cat Not tainted 6.11.0-rc7+ #8
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014
  RIP: 0010:__set_print_fmt+0x134/0x330

Resolve the issue by applying the MAX_TRACE_ARGS limit earlier. Return an error when there are too many arguments instead of silently truncating.

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e96b42d22f66982b84e31b6935a59d74d9a2d848
Fixed
6bc24db74fe4788cc7c2f30a113fc6aafba225a3
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
035ba76014c096316fa809a46ce0a1b9af1cde0d
Fixed
08ccd1a57c4d3882e9a877eb2dcc66e50a3b0279
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
035ba76014c096316fa809a46ce0a1b9af1cde0d
Fixed
73f35080477e893aa6f4c8d388352b871b288fbc

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.11
v6.11-rc1
v6.11-rc2
v6.11-rc3
v6.11-rc4
v6.11-rc5
v6.11-rc6
v6.11-rc7
v6.11.1
v6.11.2
v6.11.3
v6.11.4
v6.11.5
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.8
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.9.0
Fixed
6.11.6