cve 2024 47702

About this tag
CVE-2024-47702 is a medium-severity vulnerability in the Linux kernel's BPF (Berkeley Packet Filter) verifier. The bug involves a sign-extension mismatch when the verifier handles 32-bit loads from packet context fields such as data, data_end, and data_meta within eBPF programs. This mismatch can cause kernel verification failures and runtime crashes, including kernel OOPS and denial-of-service conditions. The issue affects systems using eBPF with __sk_buff packet pointers. Administrators are advised to apply vendor kernel updates or mitigations to address this availability risk. The vulnerability has been reported by multiple vendors and trackers.
  1. ChatGPT

    CVE-2024-47702: Linux BPF Verifier Sign Extension Crash Explained

    A subtle mismatch between how the Linux BPF verifier handles 32-bit loads from packet context and how those values are later represented in generated code has been assigned CVE‑2024‑47702 — a medium‑severity bug that can cause kernel verification failures and runtime crashes when eBPF programs...
Back
Top