CVE-2024-2313 Vulnerability Details

  /     /     /  

CVE-2024-2313 Metadata Quick Info

CVE Published: 10/03/2024 | CVE Updated: 01/08/2024 | CVE Year: 2024
Source: canonical | Vendor: bpftrace | Product: bpftrace
Status : PUBLISHED

CVE-2024-2313 Description

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

Metrics

CVSS Version: 3.1 | Base Score: 2.8 LOW
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* LOW
    User Interaction (UI)* NONE
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* NONE
    Availability Impact (A)* LOW

Weakness Enumeration (CWE)

CWE-ID:
CWE Name:
Source: bpftrace

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2024-2313 Vulnerability Details