{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T16:43:20.260","vulnerabilities":[{"cve":{"id":"CVE-2024-50161","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-11-07T10:15:07.480","lastModified":"2025-10-01T21:15:55.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check the remaining info_cnt before repeating btf fields\n\nWhen trying to repeat the btf fields for array of nested struct, it\ndoesn't check the remaining info_cnt. The following splat will be\nreported when the value of ret * nelems is greater than BTF_FIELDS_MAX:\n\n  ------------[ cut here ]------------\n  UBSAN: array-index-out-of-bounds in ../kernel/bpf/btf.c:3951:49\n  index 11 is out of range for type 'btf_field_info [11]'\n  CPU: 6 UID: 0 PID: 411 Comm: test_progs ...... 6.11.0-rc4+ #1\n  Tainted: [O]=OOT_MODULE\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ...\n  Call Trace:\n   <TASK>\n   dump_stack_lvl+0x57/0x70\n   dump_stack+0x10/0x20\n   ubsan_epilogue+0x9/0x40\n   __ubsan_handle_out_of_bounds+0x6f/0x80\n   ? kallsyms_lookup_name+0x48/0xb0\n   btf_parse_fields+0x992/0xce0\n   map_create+0x591/0x770\n   __sys_bpf+0x229/0x2410\n   __x64_sys_bpf+0x1f/0x30\n   x64_sys_call+0x199/0x9f0\n   do_syscall_64+0x3b/0xc0\n   entry_SYSCALL_64_after_hwframe+0x4b/0x53\n  RIP: 0033:0x7fea56f2cc5d\n  ......\n   </TASK>\n  ---[ end trace ]---\n\nFix it by checking the remaining info_cnt in btf_repeat_fields() before\nrepeating the btf fields."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Verificar el info_cnt restante antes de repetir los campos btf Al intentar repetir los campos btf para una matriz de estructuras anidadas, no verifica el info_cnt restante. Se informará el siguiente error cuando el valor de ret * nelems sea mayor que BTF_FIELDS_MAX: ------------[ cortar aquí ]------------ UBSAN: array-index-out-of-bounds en ../kernel/bpf/btf.c:3951:49 el índice 11 está fuera de rango para el tipo 'btf_field_info [11]' CPU: 6 UID: 0 PID: 411 Comm: test_progs ...... 6.11.0-rc4+ #1 Tainted: [O]=OOT_MODULE Nombre del hardware: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ... Seguimiento de llamadas:  dump_stack_lvl+0x57/0x70 dump_stack+0x10/0x20 ubsan_epilogue+0x9/0x40 __ubsan_handle_fuera_de_límites+0x6f/0x80 ? kallsyms_lookup_name+0x48/0xb0 btf_parse_fields+0x992/0xce0 map_create+0x591/0x770 __sys_bpf+0x229/0x2410 __x64_sys_bpf+0x1f/0x30 x64_sys_call+0x199/0x9f0 do_syscall_64+0x3b/0xc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7fea56f2cc5d ......  ---[ fin del seguimiento ]--- Arréglelo comprobando el info_cnt restante en btf_repeat_fields() antes de repetir los campos btf."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.11.6","matchCriteriaId":"35973F0F-C32F-4D88-B0FE-C75F65A0002B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*","matchCriteriaId":"7F361E1D-580F-4A2D-A509-7615F73167A1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"3C95E234-D335-4B6C-96BF-E2CEBD8654ED"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6f957d972feee9b385ea3ae6530310a84e55ba71","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/797d73ee232dd1833dec4824bc53a22032e97c1c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}