{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-2314", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2024-03-07T23:54:22.362Z", "datePublished": "2024-03-10T22:54:31.563Z", "dateUpdated": "2024-08-22T19:01:05.306Z"}, "containers": {"cna": {"affected": [{"packageName": "bcc", "product": "BPF Compiler Collection", "vendor": "IOVisor", "repo": "https://github.com/iovisor/bcc", "platforms": ["Linux"], "versions": [{"status": "affected", "version": "0", "lessThan": "008ea09e891194c072f2a9305a3c872a241dc342", "versionType": "commit-id"}]}], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}], "references": [{"tags": ["patch"], "url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342"}, {"tags": ["issue-tracking"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314"}], "credits": [{"lang": "en", "type": "finder", "value": "Mark Esler"}, {"lang": "en", "type": "analyst", "value": "Seth Arnold"}, {"lang": "en", "type": "remediation developer", "value": "Brendan Gregg"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "baseScore": 2.8, "baseSeverity": "LOW"}}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-03-10T22:54:31.563Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.466Z"}, "title": "CVE Program Container", "references": [{"tags": ["patch", "x_transferred"], "url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-22T19:00:41.028958Z", "id": "CVE-2024-2314", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T19:01:05.306Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342", "tags": ["patch", "x_transferred"]}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314", "tags": ["issue-tracking", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T19:11:53.466Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-2314", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-22T19:00:41.028958Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T19:00:58.185Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Mark Esler"}, {"lang": "en", "type": "analyst", "value": "Seth Arnold"}, {"lang": "en", "type": "remediation developer", "value": "Brendan Gregg"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 2.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"repo": "https://github.com/iovisor/bcc", "vendor": "IOVisor", "product": "BPF Compiler Collection", "versions": [{"status": "affected", "version": "0", "lessThan": "008ea09e891194c072f2a9305a3c872a241dc342", "versionType": "commit-id"}], "platforms": ["Linux"], "packageName": "bcc"}], "references": [{"url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342", "tags": ["patch"]}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314", "tags": ["issue-tracking"]}], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2024-03-10T22:54:31.563Z"}}}, "cveMetadata": {"cveId": "CVE-2024-2314", "state": "PUBLISHED", "dateUpdated": "2024-08-22T19:01:05.306Z", "dateReserved": "2024-03-07T23:54:22.362Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2024-03-10T22:54:31.563Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}, {"lang": "es", "value": "Si es necesario extraer los encabezados del kernel, bcc intentar\u00e1 cargarlos desde un directorio temporal. Un atacante sin privilegios podr\u00eda usar esto para obligar a bcc a cargar encabezados de Linux comprometidos. Las distribuciones de Linux que proporcionan encabezados de kernel de forma predeterminada no se ven afectadas de forma predeterminada."}], "id": "CVE-2024-2314", "lastModified": "2024-03-11T01:32:29.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 1.4, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2024-03-10T23:15:53.967", "references": [{"source": "security@ubuntu.com", "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314"}, {"source": "security@ubuntu.com", "url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "bcc: unprivileged users can force loading of compromised linux headers", "id": "2269019", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269019"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-284", "details": ["If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.", "A flaw was found in the BCC toolset. This issue occurs when extracting kernel headers, it tries to load them from a temporary directory. This issue could allow an attacker to force bcc to load compromised Linux headers by placing malicious headers in the temporary directory, leading to potential security risks, unauthorized access, or system compromise."], "name": "CVE-2024-2314", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "bcc", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "bcc", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "bcc", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-2314\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-2314"], "statement": "This flaw is triggered by handling malicious input and the overall impact is considered minimal.", "threat_severity": "Low"}