CVE-2024-2314

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

CVSS v3 2.8 LOW

2.8^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.1 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314	Third Party Advisory
https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342	Patch
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314	Third Party Advisory
https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342	Patch

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:iovisor:bpf_compiler_collection:*:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

26 Aug 2025, 17:18

Type	Values Removed	Values Added
CWE		NVD-CWE-noinfo
References	~~() https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 -~~	() https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 - Third Party Advisory
References	~~() https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 -~~	() https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 - Patch
First Time		Linux linux Kernel Iovisor bpf Compiler Collection Iovisor Linux
CPE		cpe:2.3:a:iovisor:bpf_compiler_collection:::::::: cpe:2.3:o:linux:linux_kernel:-:::::::*

21 Nov 2024, 09:09

Type	Values Removed	Values Added
References	~~() https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 -~~	() https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314 -
References	~~() https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 -~~	() https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342 -

10 Mar 2024, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-10 23:15

Updated : 2025-08-26 17:18

NVD link : CVE-2024-2314

Mitre link : CVE-2024-2314

CVE.ORG link : CVE-2024-2314

JSON object : View

Products Affected

linux

linux_kernel

iovisor

bpf_compiler_collection

CWE

NVD-CWE-noinfo

{"id": "CVE-2024-2314", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@ubuntu.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 2.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.5, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 1.0}]}, "published": "2024-03-10T23:15:53.967", "references": [{"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314", "tags": ["Third Party Advisory"], "source": "security@ubuntu.com"}, {"url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342", "tags": ["Patch"], "source": "security@ubuntu.com"}, {"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2314", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/iovisor/bcc/commit/008ea09e891194c072f2a9305a3c872a241dc342", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default."}, {"lang": "es", "value": "Si es necesario extraer los encabezados del kernel, bcc intentar\u00e1 cargarlos desde un directorio temporal. Un atacante sin privilegios podr\u00eda usar esto para obligar a bcc a cargar encabezados de Linux comprometidos. Las distribuciones de Linux que proporcionan encabezados de kernel de forma predeterminada no se ven afectadas de forma predeterminada."}], "lastModified": "2025-08-26T17:18:49.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:iovisor:bpf_compiler_collection:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8061F8F-A34B-4F67-A745-C398752DA483", "versionEndExcluding": "0.30.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@ubuntu.com"}