{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T07:38:10.792","vulnerabilities":[{"cve":{"id":"CVE-2024-49850","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T13:15:05.797","lastModified":"2025-11-03T23:16:24.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos\n\nIn case of malformed relocation record of kind BPF_CORE_TYPE_ID_LOCAL\nreferencing a non-existing BTF type, function bpf_core_calc_relo_insn\nwould cause a null pointer deference.\n\nFix this by adding a proper check upper in call stack, as malformed\nrelocation records could be passed from user space.\n\nSimplest reproducer is a program:\n\n    r0 = 0\n    exit\n\nWith a single relocation record:\n\n    .insn_off = 0,          /* patch first instruction */\n    .type_id = 100500,      /* this type id does not exist */\n    .access_str_off = 6,    /* offset of string \"0\" */\n    .kind = BPF_CORE_TYPE_ID_LOCAL,\n\nSee the link for original reproducer or next commit for a test case."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: maneja correctamente reubicaciones BPF_CORE_TYPE_ID_LOCAL malformadas En caso de un registro de reubicación malformado del tipo BPF_CORE_TYPE_ID_LOCAL que haga referencia a un tipo BTF inexistente, la función bpf_core_calc_relo_insn causaría una desreferencia de puntero nulo. Solucione esto agregando una verificación superior adecuada en la pila de llamadas, ya que los registros de reubicación malformados podrían pasarse desde el espacio de usuario. El reproductor más simple es un programa: r0 = 0 exit Con un solo registro de reubicación: .insn_off = 0, /* parchear la primera instrucción */ .type_id = 100500, /* este id de tipo no existe */ .access_str_off = 6, /* desplazamiento de la cadena \"0\" */ .kind = BPF_CORE_TYPE_ID_LOCAL, Consulte el enlace para el reproductor original o la próxima confirmación para un caso de prueba."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.1.113","matchCriteriaId":"09358D68-A717-469E-B900-8002A642E29A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.54","matchCriteriaId":"D448821D-C085-4CAF-88FA-2DDE7BE21976"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.10.13","matchCriteriaId":"CE94BB8D-B0AB-4563-9ED7-A12122B56EBE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.2","matchCriteriaId":"AB755D26-97F4-43B6-8604-CD076811E181"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2288b54b96dcb55bedebcef3572bb8821fc5e708","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3d2786d65aaa954ebd3fcc033ada433e10da21c4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/584cd3ff792e1edbea20b2a7df55897159b0be3e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dc7ce14f00bcd50641f2110b7a32aa6552e0780f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e7e9c5b2dda29067332df2a85b0141a92b41f218","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}