CVE-2024-46764

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/09/2024
Last modified:
20/09/2024

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> bpf: add check for invalid name in btf_name_valid_section()<br /> <br /> If the length of the name string is 1 and the value of name[0] is NULL<br /> byte, an OOB vulnerability occurs in btf_name_valid_section() and the<br /> return value is true, so the invalid name passes the check.<br /> <br /> To solve this, you need to check if the first position is NULL byte and<br /> if the first character is printable.

Impact