{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2313", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2024-03-07T23:53:59.076Z", "datePublished": "2024-03-10T22:51:51.372Z", "dateUpdated": "2024-08-01T19:11:53.480Z"}, "containers": {"cna": {"affected": [{"packageName": "bpftrace", "product": "bpftrace", "vendor": "bpftrace", "repo": "https://github.com/bpftrace/bpftrace", "platforms": ["Linux"], "versions": [{"status": "unaffected", "version": "0", "lessThan": "v0.20.2", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}], "references": [{"tags": ["patch"], "url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998"}, {"tags": ["issue-tracking"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313"}], "credits": [{"lang": "en", "type": "finder", "value": "Mark Esler"}, {"lang": "en", "type": "analyst", "value": "Seth Arnold"}, {"lang": "en", "type": "remediation reviewer", "value": "Brendan Gregg"}, {"lang": "en", "type": "remediation developer", "value": "Jordan Rome"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "baseScore": 2.8, "baseSeverity": "LOW"}}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-03-10T22:51:51.372Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2313", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-12T18:19:33.616251Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:29:44.882Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.480Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998", "tags": ["patch", "x_transferred"]}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313", "tags": ["issue-tracking", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.480Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2313", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-12T18:19:33.616251Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:17.125Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Mark Esler"}, {"lang": "en", "type": "analyst", "value": "Seth Arnold"}, {"lang": "en", "type": "remediation reviewer", "value": "Brendan Gregg"}, {"lang": "en", "type": "remediation developer", "value": "Jordan Rome"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 2.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"repo": "https://github.com/bpftrace/bpftrace", "vendor": "bpftrace", "product": "bpftrace", "versions": [{"status": "unaffected", "version": "0", "lessThan": "v0.20.2", "versionType": "semver"}], "platforms": ["Linux"], "packageName": "bpftrace"}], "references": [{"url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998", "tags": ["patch"]}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313", "tags": ["issue-tracking"]}], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-03-10T22:51:51.372Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2313", "state": "PUBLISHED", "dateUpdated": "2024-08-01T19:11:53.480Z", "dateReserved": "2024-03-07T23:53:59.076Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2024-03-10T22:51:51.372Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}, {"lang": "es", "value": "Si es necesario extraer los encabezados del kernel, bpftrace intentar\u00e1 cargarlos desde un directorio temporal. Un atacante sin privilegios podr\u00eda usar esto para obligar a bcc a cargar encabezados de Linux comprometidos. Las distribuciones de Linux que proporcionan encabezados de kernel de forma predeterminada no se ven afectadas de forma predeterminada."}], "id": "CVE-2024-2313", "lastModified": "2024-11-21T09:09:29.277", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 1.4, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2024-03-10T23:15:53.760", "references": [{"source": "security@ubuntu.com", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313"}, {"source": "security@ubuntu.com", "url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:8830", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "bpftrace-0:0.16.0-6.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:9188", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "bpftrace-0:0.21.1-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}], "bugzilla": {"description": "bpftrace: unprivileged users can force loading of compromised linux headers", "id": "2269014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269014"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-284", "details": ["If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.", "A flaw was found in BPFtrace. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bpftrace to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential security risks, unauthorized access, or system compromise."], "name": "CVE-2024-2313", "public_date": "2024-03-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-2313\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-2313"], "statement": "This flaw is triggered by handling malicious input and the overall impact is considered minimal.", "threat_severity": "Low", "upstream_fix": "bpftrace 0.20.2"}