CVE-2024-42075
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-42075
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42075.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-42075
- Downstream
- Published
- 2024-07-29T15:52:38.154Z
- Modified
- 2025-11-20T04:55:40.710124Z
- Summary
- bpf: Fix remap of arena.
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix remap of arena.
The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arenavmclose.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced317460317a02a1af512697e6e964298dedd8a163Fixed87496a1b01e8e2e399428c0db25e106f7961d01e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced317460317a02a1af512697e6e964298dedd8a163Fixedb90d77e5fd784ada62ddd714d15ee2400c28e1cf
Affected versions
v6.*
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.8
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v6.9.6
v6.9.7
Database specific
vanir_signatures
[
{
"digest": {
"line_hashes": [
"205334410254155835401541870986440322787",
"292519187666682681995025186916088787458",
"280157488293453131154154449086376840841",
"338562484707149541201576058656485315258",
"48403201021394711263996522650661961270",
"308420844973423266979481809843929977954",
"339600224056328321818681857401719093690",
"122908458898624942822995495258453455865",
"183027006312313516660197186848712429149",
"314635869623621336466513623167760931396",
"158317320782461386890642619609214271155",
"247715685386733301872199969674172436205",
"253202272964057711471064669324551124640",
"153793373628904205632316802412636141193",
"256155287558449022906790333918078059341",
"40521659625387589639324476609142988219",
"9663679858514586830835909878794501120",
"314084777234592810223354387366984421499",
"205487609077812431199562878604599792804",
"320029837956592331597844489848078575436",
"108125648121564596811474676190163108381",
"91565484391386045592923989435142998531",
"340119097408653124442972077398210410842",
"252283703060682713538599069845609625369"
],
"threshold": 0.9
},
"target": {
"file": "kernel/bpf/arena.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87496a1b01e8e2e399428c0db25e106f7961d01e",
"id": "CVE-2024-42075-0687dfab",
"signature_type": "Line"
},
{
"digest": {
"length": 337.0,
"function_hash": "331695409451416258232442787756195637918"
},
"target": {
"function": "arena_vm_close",
"file": "kernel/bpf/arena.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87496a1b01e8e2e399428c0db25e106f7961d01e",
"id": "CVE-2024-42075-16fb26c6",
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"205334410254155835401541870986440322787",
"292519187666682681995025186916088787458",
"280157488293453131154154449086376840841",
"338562484707149541201576058656485315258",
"48403201021394711263996522650661961270",
"308420844973423266979481809843929977954",
"339600224056328321818681857401719093690",
"122908458898624942822995495258453455865",
"183027006312313516660197186848712429149",
"314635869623621336466513623167760931396",
"158317320782461386890642619609214271155",
"247715685386733301872199969674172436205",
"253202272964057711471064669324551124640",
"153793373628904205632316802412636141193",
"256155287558449022906790333918078059341",
"40521659625387589639324476609142988219",
"9663679858514586830835909878794501120",
"314084777234592810223354387366984421499",
"205487609077812431199562878604599792804",
"320029837956592331597844489848078575436",
"108125648121564596811474676190163108381",
"91565484391386045592923989435142998531",
"340119097408653124442972077398210410842",
"252283703060682713538599069845609625369"
],
"threshold": 0.9
},
"target": {
"file": "kernel/bpf/arena.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b90d77e5fd784ada62ddd714d15ee2400c28e1cf",
"id": "CVE-2024-42075-29455e95",
"signature_type": "Line"
},
{
"digest": {
"length": 337.0,
"function_hash": "331695409451416258232442787756195637918"
},
"target": {
"function": "arena_vm_close",
"file": "kernel/bpf/arena.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b90d77e5fd784ada62ddd714d15ee2400c28e1cf",
"id": "CVE-2024-42075-417986af",
"signature_type": "Function"
},
{
"digest": {
"length": 273.0,
"function_hash": "41054114806735082590522930998221983830"
},
"target": {
"function": "remember_vma",
"file": "kernel/bpf/arena.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b90d77e5fd784ada62ddd714d15ee2400c28e1cf",
"id": "CVE-2024-42075-b1abeccc",
"signature_type": "Function"
},
{
"digest": {
"length": 273.0,
"function_hash": "41054114806735082590522930998221983830"
},
"target": {
"function": "remember_vma",
"file": "kernel/bpf/arena.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87496a1b01e8e2e399428c0db25e106f7961d01e",
"id": "CVE-2024-42075-dfe01a67",
"signature_type": "Function"
}
]