CVE-2024-36918

Published: May 30, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Check bloom filter map value size This patch adds a missing check to bloom filter creating, rejecting values above KMALLOC_MAX_SIZE. This brings the bloom map in line with many other map types. The lack of this protection can cause kernel crashes for value sizes that overflow int's. Such a crash was caught by syzkaller. The next patch adds more guard-rails at a lower level.

Vendor	Product	Versions
Linux	Linux	affected `9330986c03006ab1d33d243b7cfe598a7a3c1baa - < fa6995eeb62e74b5a1480c73fb7b420c270784d3` affected `9330986c03006ab1d33d243b7cfe598a7a3c1baa - < 608e13706c8b6c658a0646f09ebced74ec367f7c` affected `9330986c03006ab1d33d243b7cfe598a7a3c1baa - < c418afb9bf23e2f2b76cb819601e4a5d9dbab42d` affected `9330986c03006ab1d33d243b7cfe598a7a3c1baa - < a8d89feba7e54e691ca7c4efc2a6264fa83f3687`
Linux	Linux	affected `5.16` unaffected `0 - < 5.16` unaffected `6.1.91 - <= 6.1.` unaffected `6.6.31 - <= 6.6.` unaffected `6.8.10 - <= 6.8.*` +1 more versions

References

https://git.kernel.org/stable/c/fa6995eeb62e74b5a1480c73fb7b420c270784d3

https://git.kernel.org/stable/c/608e13706c8b6c658a0646f09ebced74ec367f7c

https://git.kernel.org/stable/c/c418afb9bf23e2f2b76cb819601e4a5d9dbab42d

https://git.kernel.org/stable/c/a8d89feba7e54e691ca7c4efc2a6264fa83f3687

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-36918

Description

Affected Products

References