PT-2024-5413 · Linux+6 · Linux Kernel+6

Tetsuo Handa

·

Published

2024-05-27

·

Updated

2025-09-29

·

CVE-2024-38662

CVSS v3.1

4.7

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the Linux kernel's BPF (Berkeley Packet Filter) subsystem, where a vulnerability in the may update sockmap() function allows for insufficient permission checks. This can lead to a locking rule violation when a BPF program attached to a tracepoint performs a map delete on a sockmap/sockhash. The vulnerability can be exploited to impact the integrity of protected information. The Linux kernel has resolved this issue by extending the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map, allowing only BPF programs that were previously allowed to update sockmap/sockhash to delete from these map types.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-280

Related Identifiers

ALSA-2025_16880
ALT-PU-2024-10855
ALT-PU-2024-11524
ALT-PU-2024-13979
ALT-PU-2024-14046
ALT-PU-2024-17597
ALT-PU-2024-9459
ALT-PU-2024-9615
AZL-42842
AZL-42847
BDU:2024-06057
CVE-2024-38662
DSA-5730-1
MGASA-2024-0263
MGASA-2024-0266
OESA-2024-1768
OESA-2024-1836
OPENSUSE-SU-2024_3190-1
OPENSUSE-SU-2024_3209-1
OPENSUSE-SU-2024_3483-1
SUSE-SU-2024:3189-1
SUSE-SU-2024:3190-1
SUSE-SU-2024:3194-1
SUSE-SU-2024:3195-1
SUSE-SU-2024:3209-1
SUSE-SU-2024:3251-1
SUSE-SU-2024:3252-1
SUSE-SU-2024:3383-1
SUSE-SU-2024:3483-1
SUSE-SU-2025:20044-1
SUSE-SU-2025:20047-1
USN-6999-1
USN-6999-2
USN-7004-1
USN-7005-1
USN-7005-2
USN-7007-1
USN-7007-2
USN-7007-3
USN-7008-1
USN-7009-1
USN-7009-2
USN-7029-1

Affected Products

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu