{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-53099","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-11-19T17:17:24.983Z","datePublished":"2024-11-25T21:21:27.691Z","dateUpdated":"2025-11-03T20:45:50.627Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-07-30T05:58:54.926Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check validity of link->type in bpf_link_show_fdinfo()\n\nIf a newly-added link type doesn't invoke BPF_LINK_TYPE(), accessing\nbpf_link_type_strs[link->type] may result in an out-of-bounds access.\n\nTo spot such missed invocations early in the future, checking the\nvalidity of link->type in bpf_link_show_fdinfo() and emitting a warning\nwhen such invocations are missed."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/bpf/syscall.c"],"versions":[{"version":"70ed506c3bbcfa846d4636b23051ca79fa4781f7","lessThan":"79f87a6ec39fb5968049a6775a528bf58b25c20a","status":"affected","versionType":"git"},{"version":"70ed506c3bbcfa846d4636b23051ca79fa4781f7","lessThan":"24fec234d2ba9ca3c14e545ebe3fd6dcb47f074d","status":"affected","versionType":"git"},{"version":"70ed506c3bbcfa846d4636b23051ca79fa4781f7","lessThan":"4e8074bb33d18f56af30a0252cb3606d27eb1c13","status":"affected","versionType":"git"},{"version":"70ed506c3bbcfa846d4636b23051ca79fa4781f7","lessThan":"d5092b0a1aaf35d77ebd8d33384d7930bec5cb5d","status":"affected","versionType":"git"},{"version":"70ed506c3bbcfa846d4636b23051ca79fa4781f7","lessThan":"b3eb1b6a9f745d6941b345f0fae014dc8bb06d36","status":"affected","versionType":"git"},{"version":"70ed506c3bbcfa846d4636b23051ca79fa4781f7","lessThan":"8421d4c8762bd022cb491f2f0f7019ef51b4f0a7","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/bpf/syscall.c"],"versions":[{"version":"5.7","status":"affected"},{"version":"0","lessThan":"5.7","status":"unaffected","versionType":"semver"},{"version":"5.10.233","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.176","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.123","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.62","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.11.9","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.10.233"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.15.176"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.1.123"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.6.62"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.11.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"6.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/79f87a6ec39fb5968049a6775a528bf58b25c20a"},{"url":"https://git.kernel.org/stable/c/24fec234d2ba9ca3c14e545ebe3fd6dcb47f074d"},{"url":"https://git.kernel.org/stable/c/4e8074bb33d18f56af30a0252cb3606d27eb1c13"},{"url":"https://git.kernel.org/stable/c/d5092b0a1aaf35d77ebd8d33384d7930bec5cb5d"},{"url":"https://git.kernel.org/stable/c/b3eb1b6a9f745d6941b345f0fae014dc8bb06d36"},{"url":"https://git.kernel.org/stable/c/8421d4c8762bd022cb491f2f0f7019ef51b4f0a7"}],"title":"bpf: Check validity of link->type in bpf_link_show_fdinfo()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:45:50.627Z"}}]}}