CVE-2024-2314
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-2314
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-2314.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-2314
- Downstream
- Related
- Published
- 2024-03-10T23:15:53.967Z
- Modified
- 2025-11-20T12:24:51.042714Z
- Severity
-
- 2.5 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
- References
Affected packages
Git / github.com/iovisor/bcc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/iovisor/bcc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.29.0
v0.*
v0.1
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.8
v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.14.0
v0.15.0
v0.16.0
v0.17.0
v0.18.0
v0.19.0
v0.2.0
v0.20.0
v0.21.0
v0.22.0
v0.23.0
v0.24.0
v0.25.0
v0.26.0
v0.27.0
v0.28.0
v0.29.0
v0.29.1
v0.3.0
v0.4.0
v0.5.0
v0.6.0
v0.6.1
v0.7.0
v0.8.0
v0.9.0
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"target": {
"file": "src/cc/frontends/clang/kbuild_helper.cc",
"function": "file_exists"
},
"deprecated": false,
"source": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342",
"id": "CVE-2024-2314-1c2a2150",
"signature_type": "Function",
"digest": {
"function_hash": "308716148748540606133817584002692136566",
"length": 113.0
}
},
{
"signature_version": "v1",
"target": {
"file": "src/cc/frontends/clang/kbuild_helper.cc",
"function": "get_proc_kheaders"
},
"deprecated": false,
"source": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342",
"id": "CVE-2024-2314-44ef7087",
"signature_type": "Function",
"digest": {
"function_hash": "36553956271564276799818680856489912411",
"length": 279.0
}
},
{
"signature_version": "v1",
"target": {
"file": "src/cc/frontends/clang/kbuild_helper.cc",
"function": "proc_kheaders_exists"
},
"deprecated": false,
"source": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342",
"id": "CVE-2024-2314-9cfb27c4",
"signature_type": "Function",
"digest": {
"function_hash": "176068315365745535262836052478444433058",
"length": 83.0
}
},
{
"signature_version": "v1",
"target": {
"file": "src/cc/frontends/clang/kbuild_helper.cc"
},
"deprecated": false,
"source": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342",
"id": "CVE-2024-2314-9f70d357",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"203144673931783277252679441464818329457",
"254514248939720361619626096940303900352",
"304407264196365778991441667459302027185",
"198000745905710924416509355846585799580",
"327793335891738710618898004887903648685",
"219603813375402378306049359073636592218",
"60127501487766778599290419140892115467",
"217952124790708712411794248912960313958",
"111194669660047849200649400389794245628",
"284230794198876485759471270740745994755",
"315588038695568193871764469486784558373",
"224828295704853230034386982561521009631",
"252394138666132878342978846779213536240",
"68029674717479282024606727610100404331",
"277934550484589590181224682729557060719"
]
}
}
]