vulnerability

Red Hat: CVE-2024-46754: kernel: bpf: Remove tst_run from lwt_seg6local_prog_ops. (Multiple Advisories)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Sep 18, 2024
Added
May 15, 2025
Modified
Aug 7, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

bpf: Remove tst_run from lwt_seg6local_prog_ops.

The syzbot reported that the lwt_seg6 related BPF ops can be invoked
via bpf_test_run() without without entering input_action_end_bpf()
first.

Martin KaFai Lau said that self test for BPF_PROG_TYPE_LWT_SEG6LOCAL
probably didn't work since it was introduced in commit 04d4b274e2a
("ipv6: sr: Add seg6local action End.BPF"). The reason is that the
per-CPU variable seg6_bpf_srh_states::srh is never assigned in the self
test case but each BPF function expects it.

Remove test_run for BPF_PROG_TYPE_LWT_SEG6LOCAL.

Solutions

no-fix-redhat-rpm-packageredhat-upgrade-kernelredhat-upgrade-kernel-rt

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today