[Git][security-tracker-team/security-tracker][master] bpfcc fixed and unimportant

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Oct 28 16:31:45 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80524db9 by Moritz Muehlenhoff at 2024-10-28T17:31:17+01:00
bpfcc fixed and unimportant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65645,14 +65645,13 @@ CVE-2024-2364 (A vulnerability classified as problematic has been found in Music
 CVE-2024-2363 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in AOL AIM T ...)
 	NOT-FOR-US: AOL AIM Triton
 CVE-2024-2314 (If kernel headers need to be extracted, bcc will attempt to load them  ...)
-	- bpfcc <unfixed> (bug #1071747)
-	[bookworm] - bpfcc <no-dsa> (Minor issue)
-	[bullseye] - bpfcc <no-dsa> (Minor issue)
-	[buster] - bpfcc <not-affected> (Vulnerable code introduced later)
+	- bpfcc 0.31.0+ds-2 (bug #1071747; unimportant)
 	NOTE: Fixed by: https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 (v0.30.0)
 	NOTE: Introduced by: https://github.com/iovisor/bcc/commit/ae92f3ddb6aa5b81c750abf3540b99f24d219e67 (v0.10.0)
 	NOTE: Attempt to mitigate in https://bugs.debian.org/1028479 (applied in 0.25.0+ds-2), and
 	NOTE: resulting in the additional problem in https://bugs.debian.org/1068297
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1221229#c1
+	NOTE: Does not affect Debian kernels since CONFIG_IKHEADERS isn't set
 CVE-2024-2313 (If kernel headers need to be extracted, bpftrace will attempt to load  ...)
 	- bpftrace 0.21.0-1 (bug #1071748)
 	[bookworm] - bpftrace <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80524db96423323c9d7bec887cf3e95703b8a343

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80524db96423323c9d7bec887cf3e95703b8a343
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241028/e1839bec/attachment.htm>


More information about the debian-security-tracker-commits mailing list