CVE-2024-50128
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2024-50132 is a vulnerability affecting the Linux kernel that has been addressed. The issue involved the creation of trace_probes, where the number of arguments (nr_args) was set before being truncated to the MAX_TRACE_ARGS limit. This resulted in invalid memory access when attempting to set up probes with more than 128 fetchargs, leading to a kernel NULL pointer dereference and a page fault. The vulnerability has been resolved by applying the MAX_TRACE_ARGS limit earlier and returning an error when there are too many arguments instead of silently truncating.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.