Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-56786 (GCVE-0-2024-56786)
Vulnerability from cvelistv5
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Show details on NVD website{
"containers": {
"cna": {
"providerMetadata": {
"dateUpdated": "2025-06-19T12:46:14.840Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"rejectedReasons": [
{
"lang": "en",
"value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-56786",
"datePublished": "2025-01-08T17:52:02.435Z",
"dateRejected": "2025-06-19T12:46:14.840Z",
"dateReserved": "2024-12-29T11:26:39.770Z",
"dateUpdated": "2025-06-19T12:46:14.840Z",
"state": "REJECTED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-56786\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-01-08T18:15:19.633\",\"lastModified\":\"2025-06-19T13:15:46.830\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\"}],\"metrics\":{},\"references\":[]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"rejectedReasons\": [{\"lang\": \"en\", \"value\": \"This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-06-19T12:46:14.840Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-56786\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"state\": \"REJECTED\", \"assignerShortName\": \"Linux\", \"dateReserved\": \"2024-12-29T11:26:39.770Z\", \"datePublished\": \"2025-01-08T17:52:02.435Z\", \"dateUpdated\": \"2025-06-19T12:46:14.840Z\", \"dateRejected\": \"2025-06-19T12:46:14.840Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2024-56786
Vulnerability from fkie_nvd
Published
2025-01-08 18:15
Modified
2025-06-19 13:15
Severity ?
Summary
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
References
| ▶ | URL | Tags |
|---|
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"id": "CVE-2024-56786",
"lastModified": "2025-06-19T13:15:46.830",
"metrics": {},
"published": "2025-01-08T18:15:19.633",
"references": [],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Rejected"
}
wid-sec-w-2025-0035
Vulnerability from csaf_certbund
Published
2025-01-08 23:00
Modified
2025-07-15 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder andere nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder andere nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0035 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0035.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0035 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0035"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56770",
"url": "https://lore.kernel.org/linux-cve-announce/2025010803-CVE-2024-56770-62ce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56771",
"url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56771-3ace@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56772",
"url": "https://lore.kernel.org/linux-cve-announce/2025010810-CVE-2024-56772-a64d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56773",
"url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56773-46a8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56774",
"url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56774-e09f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56775",
"url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56775-b841@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56776",
"url": "https://lore.kernel.org/linux-cve-announce/2025010811-CVE-2024-56776-040d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56777",
"url": "https://lore.kernel.org/linux-cve-announce/2025010812-CVE-2024-56777-a145@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56778",
"url": "https://lore.kernel.org/linux-cve-announce/2025010812-CVE-2024-56778-45a9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56779",
"url": "https://lore.kernel.org/linux-cve-announce/2025010812-CVE-2024-56779-74f5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56780",
"url": "https://lore.kernel.org/linux-cve-announce/2025010813-CVE-2024-56780-6b91@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56781",
"url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56781-7b75@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56782",
"url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56782-d049@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56783",
"url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56783-4ed9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56784",
"url": "https://lore.kernel.org/linux-cve-announce/2025010807-CVE-2024-56784-b2ba@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56785",
"url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56785-5a66@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56786",
"url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56786-1f56@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-56787",
"url": "https://lore.kernel.org/linux-cve-announce/2025010808-CVE-2024-56787-bd0b@gregkh/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0289-1 vom 2025-01-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020239.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0428-1 vom 2025-02-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020311.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0499-1 vom 2025-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020336.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0556-1 vom 2025-02-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020352.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0557-1 vom 2025-02-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020350.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0577-1 vom 2025-02-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-February/020370.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4076 vom 2025-03-01",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4075 vom 2025-03-01",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
},
{
"category": "external",
"summary": "Google Cloud Platform Security Bulletin GCP-2025-010 vom 2025-03-06",
"url": "https://cloud.google.com/support/bulletins#gcp-2025-010"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0577-2 vom 2025-03-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020500.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7388-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7388-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7382-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7382-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7380-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7380-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7379-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7379-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7387-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7387-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7381-1 vom 2025-03-27",
"url": "https://ubuntu.com/security/notices/USN-7381-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-2 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7392-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7392-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7389-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7389-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7393-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7393-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7390-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7390-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7391-1 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7391-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7387-2 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7387-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7387-3 vom 2025-03-28",
"url": "https://ubuntu.com/security/notices/USN-7387-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-4 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7392-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7392-3 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7392-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7379-2 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7379-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7401-1 vom 2025-04-01",
"url": "https://ubuntu.com/security/notices/USN-7401-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7407-1 vom 2025-04-02",
"url": "https://ubuntu.com/security/notices/USN-7407-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7413-1 vom 2025-04-03",
"url": "https://ubuntu.com/security/notices/USN-7413-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7421-1 vom 2025-04-07",
"url": "https://ubuntu.com/security/notices/USN-7421-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1178-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020674.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1177-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020670.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1180-1 vom 2025-04-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DGJ23MSZWYIA7MJ47RNVV6T27Z324VKA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1293-1 vom 2025-04-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020712.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7450-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7450-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7451-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7451-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7449-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7449-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7452-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7452-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7453-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7453-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7459-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7459-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7458-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7458-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7449-2 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7449-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7463-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7463-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7468-1 vom 2025-04-28",
"url": "https://ubuntu.com/security/notices/USN-7468-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7459-2 vom 2025-04-28",
"url": "https://ubuntu.com/security/notices/USN-7459-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-1 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-2 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-5 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-4 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7496-3 vom 2025-05-07",
"url": "https://ubuntu.com/security/notices/USN-7496-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-1 vom 2025-05-12",
"url": "https://ubuntu.com/security/notices/USN-7506-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-2 vom 2025-05-12",
"url": "https://ubuntu.com/security/notices/USN-7506-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-3 vom 2025-05-12",
"url": "https://ubuntu.com/security/notices/USN-7506-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7506-4 vom 2025-05-13",
"url": "https://ubuntu.com/security/notices/USN-7506-4"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:6966 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:6966"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7515-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7515-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-2 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7513-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7514-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7514-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7513-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7513-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7522-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7522-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7515-2 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7515-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7523-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7523-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7524-1 vom 2025-05-26",
"url": "https://ubuntu.com/security/notices/USN-7524-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7540-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7540-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7539-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7539-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20260-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021058.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20249-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021072.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20270-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021056.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20248-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021074.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20192-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021150.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20190-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021154.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20165-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021174.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20166-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021176.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02264-1 vom 2025-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021785.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02308-1 vom 2025-07-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021805.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02322-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021810.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02320-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021812.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02321-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021811.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-15T22:00:00.000+00:00",
"generator": {
"date": "2025-07-16T07:53:17.594+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0035",
"initial_release_date": "2025-01-08T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-29T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-11T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-16T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-02T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-03-06T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Google aufgenommen"
},
{
"date": "2025-03-11T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-27T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-03-30T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-02T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-03T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-07T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-23T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-24T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-28T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-06T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-12T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-13T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-26T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-15T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-14T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "35"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Cloud Platform",
"product": {
"name": "Google Cloud Platform",
"product_id": "393401",
"product_identification_helper": {
"cpe": "cpe:/a:google:cloud_platform:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T008144",
"product_identification_helper": {
"cpe": "cpe:/a:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-56770",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-56771",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56771"
},
{
"cve": "CVE-2024-56772",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56772"
},
{
"cve": "CVE-2024-56773",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56773"
},
{
"cve": "CVE-2024-56774",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56774"
},
{
"cve": "CVE-2024-56775",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56775"
},
{
"cve": "CVE-2024-56776",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56776"
},
{
"cve": "CVE-2024-56777",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56777"
},
{
"cve": "CVE-2024-56778",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56778"
},
{
"cve": "CVE-2024-56779",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56779"
},
{
"cve": "CVE-2024-56780",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56780"
},
{
"cve": "CVE-2024-56781",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56781"
},
{
"cve": "CVE-2024-56782",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56782"
},
{
"cve": "CVE-2024-56783",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56783"
},
{
"cve": "CVE-2024-56784",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56784"
},
{
"cve": "CVE-2024-56785",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56785"
},
{
"cve": "CVE-2024-56786",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56786"
},
{
"cve": "CVE-2024-56787",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"393401",
"T008144"
]
},
"release_date": "2025-01-08T23:00:00.000+00:00",
"title": "CVE-2024-56787"
}
]
}
ghsa-27cc-fvv7-2rh9
Vulnerability from github
Published
2025-01-08 18:30
Modified
2025-01-10 21:31
Severity ?
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
bpf: put bpf_link's program when link is safe to be deallocated
In general, BPF link's underlying BPF program should be considered to be reachable through attach hook -> link -> prog chain, and, pessimistically, we have to assume that as long as link's memory is not safe to free, attach hook's code might hold a pointer to BPF program and use it.
As such, it's not (generally) correct to put link's program early before waiting for RCU GPs to go through. More eager bpf_prog_put() that we currently do is mostly correct due to BPF program's release code doing similar RCU GP waiting, but as will be shown in the following patches, BPF program can be non-sleepable (and, thus, reliant on only "classic" RCU GP), while BPF link's attach hook can have sleepable semantics and needs to be protected by RCU Tasks Trace, and for such cases BPF link has to go through RCU Tasks Trace + "classic" RCU GPs before being deallocated. And so, if we put BPF program early, we might free BPF program before we free BPF link, leading to use-after-free situation.
So, this patch defers bpf_prog_put() until we are ready to perform bpf_link's deallocation. At worst, this delays BPF program freeing by one extra RCU GP, but that seems completely acceptable. Alternatively, we'd need more elaborate ways to determine BPF hook, BPF link, and BPF program lifetimes, and how they relate to each other, which seems like an unnecessary complication.
Note, for most BPF links we still will perform eager bpf_prog_put() and link dealloc, so for those BPF links there are no observable changes whatsoever. Only BPF links that use deferred dealloc might notice slightly delayed freeing of BPF programs.
Also, to reduce code and logic duplication, extract program put + link dealloc logic into bpf_link_dealloc() helper.
{
"affected": [],
"aliases": [
"CVE-2024-56786"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-01-08T18:15:19Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: put bpf_link\u0027s program when link is safe to be deallocated\n\nIn general, BPF link\u0027s underlying BPF program should be considered to be\nreachable through attach hook -\u003e link -\u003e prog chain, and, pessimistically,\nwe have to assume that as long as link\u0027s memory is not safe to free,\nattach hook\u0027s code might hold a pointer to BPF program and use it.\n\nAs such, it\u0027s not (generally) correct to put link\u0027s program early before\nwaiting for RCU GPs to go through. More eager bpf_prog_put() that we\ncurrently do is mostly correct due to BPF program\u0027s release code doing\nsimilar RCU GP waiting, but as will be shown in the following patches,\nBPF program can be non-sleepable (and, thus, reliant on only \"classic\"\nRCU GP), while BPF link\u0027s attach hook can have sleepable semantics and\nneeds to be protected by RCU Tasks Trace, and for such cases BPF link\nhas to go through RCU Tasks Trace + \"classic\" RCU GPs before being\ndeallocated. And so, if we put BPF program early, we might free BPF\nprogram before we free BPF link, leading to use-after-free situation.\n\nSo, this patch defers bpf_prog_put() until we are ready to perform\nbpf_link\u0027s deallocation. At worst, this delays BPF program freeing by\none extra RCU GP, but that seems completely acceptable. Alternatively,\nwe\u0027d need more elaborate ways to determine BPF hook, BPF link, and BPF\nprogram lifetimes, and how they relate to each other, which seems like\nan unnecessary complication.\n\nNote, for most BPF links we still will perform eager bpf_prog_put() and\nlink dealloc, so for those BPF links there are no observable changes\nwhatsoever. Only BPF links that use deferred dealloc might notice\nslightly delayed freeing of BPF programs.\n\nAlso, to reduce code and logic duplication, extract program put + link\ndealloc logic into bpf_link_dealloc() helper.",
"id": "GHSA-27cc-fvv7-2rh9",
"modified": "2025-01-10T21:31:27Z",
"published": "2025-01-08T18:30:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56786"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2fcb921c2799c49ac5e365cf4110f94a64ae4885"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/5fe23c57abadfd46a7a66e81f3536e4757252a0b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f44ec8733a8469143fde1984b5e6931b2e2f6f3f"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…