{"uuid": "0763c49e-745b-449a-95d4-ad162b3a17d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50253", "type": "seen", "source": "https://t.me/cvedetector/10321", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50253 - Linux Kernel BPF Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50253 \nPublished : Nov. 9, 2024, 11:15 a.m. | 40\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbpf: Check the validity of nr_words in bpf_iter_bits_new()  \n  \nCheck the validity of nr_words in bpf_iter_bits_new(). Without this  \ncheck, when multiplication overflow occurs for nr_bits (e.g., when  \nnr_words = 0x0400-0001, nr_bits becomes 64), stack corruption may occur  \ndue to bpf_probe_read_kernel_common(..., nr_bytes = 0x2000-0008).  \n  \nFix it by limiting the maximum value of nr_words to 511. The value is  \nderived from the current implementation of BPF memory allocator. To  \nensure compatibility if the BPF memory allocator's size limitation  \nchanges in the future, use the helper bpf_mem_alloc_check_size() to  \ncheck whether nr_bytes is too larger. And return -E2BIG instead of  \n-ENOMEM for oversized nr_bytes. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T13:17:42.000000Z"}