vulnerability

Huawei EulerOS: CVE-2024-26884: kernel security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Apr 17, 2024	Jun 26, 2024	Apr 1, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Apr 17, 2024

Added

Jun 26, 2024

Modified

Apr 1, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix hashtab overflow check on 32-bit arches

The hashtab code relies on roundup_pow_of_two() to compute the number of
hash buckets, and contains an overflow check by checking if the
resulting value is 0. However, on 32-bit arches, the roundup code itself
can overflow by doing a 32-bit left-shift of an unsigned long value,
which is undefined behaviour, so it is not guaranteed to truncate
neatly. This was triggered by syzbot on the DEVMAP_HASH type, which
contains the same check, copied from the hashtab code. So apply the same
fix to hashtab, by moving the overflow check to before the roundup.

Solutions

huawei-euleros-2_0_sp11-upgrade-bpftoolhuawei-euleros-2_0_sp11-upgrade-kernelhuawei-euleros-2_0_sp11-upgrade-kernel-abi-stablelistshuawei-euleros-2_0_sp11-upgrade-kernel-toolshuawei-euleros-2_0_sp11-upgrade-kernel-tools-libshuawei-euleros-2_0_sp11-upgrade-python3-perf

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report