CVE-2024-50262
bpf: Fix out-of-bounds write in trie_get_next_key()
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key() trie_get_next_key() allocates a node stack with size trie->max_prefixlen, while it writes (trie->max_prefixlen + 1) nodes to the stack when it has full paths from the root to leaves. For example, consider a trie with max_prefixlen is 8, and the nodes with key 0x00/0, 0x00/1, 0x00/2, ... 0x00/8 inserted. Subsequent calls to trie_get_next_key with _key with .prefixlen = 8 make 9 nodes be written on the node stack with size 8.
| Vendor | linux |
| Product | linux |
| Ecosystems | |
| Industries | Technology |
| Published | Nov 9, 2024 |
| Last Updated | May 12, 2026 |
Stay Ahead of the Next One
Get instant alerts for linux linux
Be the first to know when new high vulnerabilities affecting linux linux are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Linux / Linux
b471f2f1de8b816f1e799b80aa92588f3566e4bd < e8494ac079814a53fbc2258d2743e720907488ed b471f2f1de8b816f1e799b80aa92588f3566e4bd < 91afbc0eb3c90258ae378ae3c6ead3d2371e926d b471f2f1de8b816f1e799b80aa92588f3566e4bd < 590976f921723d53ac199c01d5b7b73a94875e68 b471f2f1de8b816f1e799b80aa92588f3566e4bd < 86c8ebe02d8806dd8878d0063e8e185622ab6ea6 b471f2f1de8b816f1e799b80aa92588f3566e4bd < a035df0b98df424559fd383e8e1a268f422ea2ba b471f2f1de8b816f1e799b80aa92588f3566e4bd < 90a6e0e1e151ef7a9282e78f54c3091de2dcc99c b471f2f1de8b816f1e799b80aa92588f3566e4bd < c4b4f9a9ab82238cb158fa4fe61a8c0ae21a4980 b471f2f1de8b816f1e799b80aa92588f3566e4bd < 13400ac8fb80c57c2bfb12ebd35ee121ce9b4d21
Linux / Linux
4.16
References
git.kernel.org: https://git.kernel.org/stable/c/e8494ac079814a53fbc2258d2743e720907488ed git.kernel.org: https://git.kernel.org/stable/c/91afbc0eb3c90258ae378ae3c6ead3d2371e926d git.kernel.org: https://git.kernel.org/stable/c/590976f921723d53ac199c01d5b7b73a94875e68 git.kernel.org: https://git.kernel.org/stable/c/86c8ebe02d8806dd8878d0063e8e185622ab6ea6 git.kernel.org: https://git.kernel.org/stable/c/a035df0b98df424559fd383e8e1a268f422ea2ba git.kernel.org: https://git.kernel.org/stable/c/90a6e0e1e151ef7a9282e78f54c3091de2dcc99c git.kernel.org: https://git.kernel.org/stable/c/c4b4f9a9ab82238cb158fa4fe61a8c0ae21a4980 git.kernel.org: https://git.kernel.org/stable/c/13400ac8fb80c57c2bfb12ebd35ee121ce9b4d21 lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-398330.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-265688.html cert-portal.siemens.com: https://cert-portal.siemens.com/productcert/html/ssa-355557.html