CVE-2024-56768

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to the fixed version

Description A bug in the Linux kernel has been resolved, specifically in the bpf get smp processor id() function when CONFIG SMP is disabled. On x86-64, calling this function can trigger an error because pcpu hot is unavailable, resulting in a page fault. The error message includes details such as "BUG: unable to handle page fault for address" and "supervisor read access in kernel mode." The fix involves inlining a return 0 in the case where CONFIG SMP is disabled.

Recommendations For Linux Kernel versions prior to the fixed version, the issue can be resolved by applying the fix that inlines a return 0 in the !CONFIG SMP case. As a temporary workaround, consider disabling the bpf get smp processor id() function until a patch is available. Restrict access to the affected kernel module to minimize the risk of exploitation. Avoid using the pcpu hot variable in the affected kernel mode until the issue is resolved.