Resource Injection Affecting bpftool package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-BPFTOOL-7340829
- published 21 Jun 2024
- disclosed 19 Jun 2024
Introduced: 19 Jun 2024
CVE-2024-38607 Open this link in a new tabHow to fix?
There is no fixed version for Centos:7 bpftool.
NVD Description
Note: Versions mentioned in the description apply only to the upstream bpftool package and not the bpftool package as distributed by Centos.
See How to fix? for Centos:7 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"
The via-macii ADB driver calls request_irq() after disabling hard interrupts. But disabling interrupts isn't necessary here because the VIA shift register interrupt was masked during VIA1 initialization.
References
- https://access.redhat.com/security/cve/CVE-2024-38607
- https://git.kernel.org/stable/c/010d4cb19bb13f423e3e746b824f314a9bf3e9a9
- https://git.kernel.org/stable/c/1e9c3f2caec548cfa7a65416ec4e6006e542f18e
- https://git.kernel.org/stable/c/280619bbdeac186fb320fab3d61122d2a085def8
- https://git.kernel.org/stable/c/2907d409ce5946390f513976f0454888d37d1058
- https://git.kernel.org/stable/c/5900a88e897e6deb1bdce09ee34167a81c2da89d
- https://git.kernel.org/stable/c/787fb79efc15b3b86442ecf079b8148f173376d7
- https://git.kernel.org/stable/c/d301a71c76ee4c384b4e03cdc320a55f5cf1df05
- https://git.kernel.org/stable/c/d43a8c7ec0841e0ff91a968770aeca83f0fd4c56
- https://git.kernel.org/stable/c/e4ff8bcfb2841fe4e17e5901578b632adb89036d