MidnightBSD

Advisories for iovisor

CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@ubuntu.com 2.8 LOW CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L 1.1 1.4

Products Affected

Vendor Product Version
iovisor bpf_compiler_collection *