CVE-2024-26588

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 22, 2024

Updated: Mar 18, 2024

CWE ID 119

Summary

CVE-2024-26588 is a vulnerability affecting the Linux kernel on LoongArch processors. It involves an out-of-bounds memory access issue in the BPF (Berkeley Packet Filter) subsystem. Specifically, the test_tag test triggers an unhandled page fault when loading a BPF program with a large number of instructions, leading to a kernel panic. This vulnerability can potentially be exploited by malicious actors to execute arbitrary code or cause a denial-of-service condition.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uk5pFw
https://www.cve.org/CVERecord?id=CVE-2024-26588
https://nvd.nist.gov/vuln/detail/CVE-2024-26588

Back to Vulnerability Database