CVE-2024-2313

If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

CVSS v3 2.8 LOW

2.8^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.1 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313	Third Party Advisory
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998	Patch
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313	Third Party Advisory
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998	Patch

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:bpftrace:bpftrace:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-03-10 23:15

Updated : 2025-08-25 15:26

NVD link : CVE-2024-2313

Mitre link : CVE-2024-2313

CVE.ORG link : CVE-2024-2313

JSON object : View

Products Affected

linux

linux_kernel

bpftrace

bpftrace

CWE

CWE-377

Insecure Temporary File

{"id": "CVE-2024-2313", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 2.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.1}]}, "published": "2024-03-10T23:15:53.760", "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998", "tags": ["Patch"], "source": "[email protected]"}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-377"}]}], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}, {"lang": "es", "value": "Si es necesario extraer los encabezados del kernel, bpftrace intentar\u00e1 cargarlos desde un directorio temporal. Un atacante sin privilegios podr\u00eda usar esto para obligar a bcc a cargar encabezados de Linux comprometidos. Las distribuciones de Linux que proporcionan encabezados de kernel de forma predeterminada no se ven afectadas de forma predeterminada."}], "lastModified": "2025-08-25T15:26:44.610", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bpftrace:bpftrace:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E246C18F-EEDB-4C93-9879-C05CD4E99075", "versionEndExcluding": "0.20.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}