CVE-2024-35903

Published: May 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for the CALL instruction if `x86_call_depth_emit_accounting` emits code. Otherwise we will skip some instructions and most likely crash.

Vendor	Product	Versions
Linux	Linux	affected `b2e9dfe54be4d023124d588d6f03d16a9c0d2507 - < 3f9d57c771656bfd651e22edcfdb5f60e62542d4` affected `b2e9dfe54be4d023124d588d6f03d16a9c0d2507 - < 81166178cf0a0062a22b1b3b5368183d39577028` affected `b2e9dfe54be4d023124d588d6f03d16a9c0d2507 - < 9d98aa088386aee3db1b7b60b800c0fde0654a4a`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.6.26 - <= 6.6.` unaffected `6.8.5 - <= 6.8.` unaffected `6.9 - <= *`

References

https://git.kernel.org/stable/c/3f9d57c771656bfd651e22edcfdb5f60e62542d4

https://git.kernel.org/stable/c/81166178cf0a0062a22b1b3b5368183d39577028

https://git.kernel.org/stable/c/9d98aa088386aee3db1b7b60b800c0fde0654a4a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35903

Description

Affected Products

References