CVE-2024-57931
Published: January 22, 2025Last modified: January 22, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling BUG(). This commit ensures that future permissions can be added without interfering with older kernels.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.124-r0) |
| 25 LTS | linux-lts | Fixed (6.12.41-r0) | |
| Stream | linux-lts | Fixed (6.12.41-r0) |
References
- https://git.kernel.org/stable/c/712137b177b45f255ce5687e679d950fcb218256
- https://git.kernel.org/stable/c/900f83cf376bdaf798b6f5dcb2eae0c822e908b6
- https://git.kernel.org/stable/c/c1dbd28a079553de0023e1c938c713efeeee400f
- https://git.kernel.org/stable/c/c79324d42fa48372e0acb306a2761cc642bd4db0
- https://git.kernel.org/stable/c/efefe36c03a73bb81c0720ce397659a5051b73fa
- https://git.kernel.org/stable/c/f45a77dd24ae9ddb474303ec3975c376bd99fc51
- https://git.kernel.org/stable/c/f70e4b9ec69d9a74b84c17767a9a4eda8c901021