Security tracker / CVE-2024-50063

CVE-2024-50063

bpf: Prevent tail call between progs attached to different hooks

References

• Debian security tracker
• cve.org

Notes

 carnil> Vulnerable versions: 5.5.

Bugs

Status

Branch	Status
upstream	released (6.12-rc1) [28ead3eaabc16ecc907cfb71876da028080f6356]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.11-upstream-stable	released (6.11.4) [88c2a10e6c176c2860cd0659f4c0e9d20b3f64d1]
6.6-upstream-stable	released (6.6.57) [5d5e3b4cbe8ee16b7bf96fd73a421c92a9da3ca1]
6.1-upstream-stable	released (6.1.135) [d9a807fb7cbfad4328824186e2e4bee28f72169b]
5.10-upstream-stable	needed
4.19-upstream-stable	N/A "Vulnerable code not present"
sid	released (6.11.4-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	released (6.1.135-1)
5.10-bullseye-security	needed