bcc: fix CVE-2024-2314 - linux/meta-clang.git - Mirror of github.com/kraj/meta-clang.git

diff options

author	Divya Chellam <divya.chellam@windriver.com>	2025-04-04 01:38:39 +0000
committer	Khem Raj <raj.khem@gmail.com>	2025-04-10 17:54:52 -0700
commit	eaa08939eaec9f620b14742ff3ac568553683034 (patch)
tree	8b58ccb0bd053041bf8655544cb2f94d19085fd7 /classes/clang-native.bbclass
parent	b9ef02282197380ef05edbd0eb852e1934ceb59b (diff)
download	meta-clang-scarthgap.tar.gz

bcc: fix CVE-2024-2314scarthgap

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-2314 Upstream-patch: https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 Signed-off-by: Divya Chellam <divya.chellam@windriver.com>

Diffstat (limited to 'classes/clang-native.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: