bcc-0.25.0-9.el8_10

エラータID: AXSA:2024-9000:03

Release date: 
Thursday, November 14, 2024 - 02:15
Subject: 
bcc-0.25.0-9.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Low
Description: 

BPF Compiler Collection (BCC) is a toolkit for easier creation of efficient kernel tracing and manipulation programs. BCC uses the extended Berkeley Packet Filter (eBPF) tool.

Security Fix(es):

* bcc: unprivileged users can force loading of compromised linux headers (CVE-2024-2314)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-2314
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

Solution: 

Update packages.

CVEs: 
CVE-2024-2314
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
Additional Info: 

N/A

Download: 

SRPMS
  1. bcc-0.25.0-9.el8_10.src.rpm
    MD5: bb4a13557b80ae75c8dba14d12e6939e
    SHA-256: 8f496033a3721765a5aa63da719832f2ce1cef9e195d0a5f8de01c54c8592290
    Size: 4.80 MB

Asianux Server 8 for x86_64
  1. bcc-0.25.0-9.el8_10.x86_64.rpm
    MD5: 847e4977e485c32b977eb7a33e8d2d2d
    SHA-256: 2331b82f1505285e313c82d7b35205d73c082c70eca8d1cdababd73402250aa9
    Size: 661.66 kB
  2. bcc-devel-0.25.0-9.el8_10.x86_64.rpm
    MD5: 258ac54b1785b18a6513a2dff8d34ff7
    SHA-256: 9b7e478c73ba48bf08e35756ebc23b44cad768c3c54f3cfcb9d5c08fbabda803
    Size: 32.34 kB
  3. bcc-doc-0.25.0-9.el8_10.noarch.rpm
    MD5: 3bd3db3c30c688964e0eb627521e3765
    SHA-256: 86718b8e22c47e2dc7e05412c75df380b9f7b2b1276af31abf7309b582ebd417
    Size: 293.83 kB
  4. bcc-tools-0.25.0-9.el8_10.x86_64.rpm
    MD5: c2350074365086b77e52bd12106bd8d2
    SHA-256: d8bd3f9792edfb1825d6c46a61d7d758ed313ce49d53e1be431a13f1d4bb9196
    Size: 481.83 kB
  5. python3-bcc-0.25.0-9.el8_10.x86_64.rpm
    MD5: 9862c194d601caf204d04183fea4fe40
    SHA-256: f554844fa3ff0769c7d75b8f49063e14fb0f5b53e0d8bf609fcac3f46e518204
    Size: 98.30 kB