{"vulnerability": "CVE-2024-58100", "sightings": [{"uuid": "1844349f-cd9b-40f1-97dd-1c4126f88c5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-58100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3logrda2vmu22", "content": "", "creation_timestamp": "2025-05-05T16:16:29.029882Z"}, {"uuid": "4891521c-8efe-41f3-b16c-331b7677d9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-58100", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "8da2b800-e47f-4dbf-a219-25dc79aa1ea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-58100", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15704", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-58100\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: check changes_pkt_data property for extension programs\n\nWhen processing calls to global sub-programs, verifier decides whether\nto invalidate all packet pointers in current state depending on the\nchanges_pkt_data property of the global sub-program.\n\nBecause of this, an extension program replacing a global sub-program\nmust be compatible with changes_pkt_data property of the sub-program\nbeing replaced.\n\nThis commit:\n- adds changes_pkt_data flag to struct bpf_prog_aux:\n  - this flag is set in check_cfg() for main sub-program;\n  - in jit_subprogs() for other sub-programs;\n- modifies bpf_check_attach_btf_id() to check changes_pkt_data flag;\n- moves call to check_attach_btf_id() after the call to check_cfg(),\n  because it needs changes_pkt_data flag to be set:\n\n    bpf_check:\n      ...                             ...\n    - check_attach_btf_id             resolve_pseudo_ldimm64\n      resolve_pseudo_ldimm64   -->    bpf_prog_is_offloaded\n      bpf_prog_is_offloaded           check_cfg\n      check_cfg                     + check_attach_btf_id\n      ...                             ...\n\nThe following fields are set by check_attach_btf_id():\n- env->ops\n- prog->aux->attach_btf_trace\n- prog->aux->attach_func_name\n- prog->aux->attach_func_proto\n- prog->aux->dst_trampoline\n- prog->aux->mod\n- prog->aux->saved_dst_attach_type\n- prog->aux->saved_dst_prog_type\n- prog->expected_attach_type\n\nNeither of these fields are used by resolve_pseudo_ldimm64() or\nbpf_prog_offload_verifier_prep() (for netronome and netdevsim\ndrivers), so the reordering is safe.\n\ud83d\udccf Published: 2025-05-05T14:53:33.445Z\n\ud83d\udccf Modified: 2025-05-09T08:06:09.147Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/7197fc4acdf238ec8ad06de5a8235df0c1f9c7d7\n2. https://git.kernel.org/stable/c/3846e2bea565ee1c5195dcc625fda9868fb0e3b3\n3. https://git.kernel.org/stable/c/81f6d0530ba031b5f038a091619bf2ff29568852", "creation_timestamp": "2025-05-09T08:25:24.000000Z"}]}