bpftrace-0.16.0-6.el8_10
エラータID: AXSA:2024-9001:03
BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap
Security Fix(es):
* bpftrace: unprivileged users can force loading of compromised linux headers (CVE-2024-2313)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-2313
If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
Update packages.
If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
N/A
SRPMS
- bpftrace-0.16.0-6.el8_10.src.rpm
MD5: fc15f78fb8403de069288d4b8019b0f3
SHA-256: 15b94bba1a98ea6df27e8698c26a7753df51c921b78f8ccedec4e729aa63c2e4
Size: 1.37 MB
Asianux Server 8 for x86_64
- bpftrace-0.16.0-6.el8_10.x86_64.rpm
MD5: eef16349ff27f7b50cc5bb47e48cd831
SHA-256: 592114f0251ec4d9d38c3174f6ca6d72ce50f34a9d893116f4d969c9fe9a4c85
Size: 2.37 MB
日本語