CVE-2024-42075

bpf: Fix remap of arena.

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refcnt for multiple mmap events to prevent use-after-free in arena_vm_close.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/87496a1b01e8e2e399428c0db25e106f7961d01e patch
https://git.kernel.org/stable/c/b90d77e5fd784ada62ddd714d15ee2400c28e1cf patch

Frequently Asked Questions

What is the severity of CVE-2024-42075?
CVE-2024-42075 has been scored as a medium severity vulnerability.
How to fix CVE-2024-42075?
To fix CVE-2024-42075, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-42075 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-42075 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-42075?
CVE-2024-42075 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.