CVE-2024-56768

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 6, 2025
Updated: Jan 7, 2025

Summary

CVE-2024-56768 is a vulnerability affecting the Linux kernel. When bpf_get_smp_processor_id() is called on a kernel with Configuration SMP (Symmetric Multi-Processing) disabled, the unavailability of pcpu_hot can result in a kernel panic with a supervisor read access error. This occurs due to an attempt to access a not-present page. The issue has been mitigated by inlining a return 0 statement in the !CONFIG_SMP case to prevent the bug from being triggered.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share