Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

All statuses

Filter by:

With package: linuxPackages_zen.bpftrace

Found 1 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2024-2313

2.8 LOW

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 1 year, 1 month ago

If kernel headers need to be extracted, bpftrace will attempt …

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

References

https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patchx_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-trackingx_transferred
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patchx_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-trackingx_transferred
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patch
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-tracking
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b… patchx_transferred
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 issue-trackingx_transferred

Affected products

bpftrace

<v0.20.2

Matching in nixpkgs

pkgs.bpftrace

High-level tracing language for Linux eBPF

nixos-unstable 0.21.2
- nixpkgs-unstable 0.21.2
- nixos-unstable-small 0.21.2

pkgs.linuxPackages_zen.bpftrace

High-level tracing language for Linux eBPF

nixos-unstable 0.21.2
- nixpkgs-unstable 0.21.2
- nixos-unstable-small 0.21.2

pkgs.emacsPackages.bpftrace-mode

None

nixos-unstable 20190608.2201
- nixpkgs-unstable 20190608.2201
- nixos-unstable-small 20190608.2201

pkgs.linuxKernel.packages.linux_6_1.bpftrace

High-level tracing language for Linux eBPF

nixos-unstable 0.21.2

pkgs.linuxKernel.packages.linux_5_10.bpftrace

High-level tracing language for Linux eBPF

nixos-unstable 0.21.2
- nixpkgs-unstable 0.21.2
- nixos-unstable-small 0.21.2

pkgs.linuxKernel.packages.linux_libre.bpftrace

High-level tracing language for Linux eBPF

nixos-unstable 0.21.2

pkgs.linuxKernel.packages.linux_latest_libre.bpftrace

High-level tracing language for Linux eBPF

nixos-unstable 0.21.2
- nixpkgs-unstable 0.21.2
- nixos-unstable-small 0.21.2

Package maintainers

@rvl Rodney Lorrimar <dev+nix@rodney.id.au>
@mfrw Muhammad Falak R Wani <falakreyaz@gmail.com>
@thoughtpolice Austin Seipp <aseipp@pobox.com>
@martinetd Dominique Martinet <f.ktfhrvnznqxacf@noclue.notk.org>

1