CVE-2024-38566 in Linux
Sumário
de MITRE • 19/06/2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix verifier assumptions about socket->sk
The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. That may not be the case when socket was just created and passed to LSM socket_accept hook. Fix this verifier assumption and adjust tests.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.