CVE-2024-57931

MEDIUM EPSS 10.5%
Published Jan 21, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jan 21, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling BUG(). This commit ensures that future permissions can be added without interfering with older kernels.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
10.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
linuxlinux_kernel*≥4.3  –  <5.4.289
linuxlinux_kernel*≥5.5  –  <5.10.233
linuxlinux_kernel*≥5.11  –  <5.15.176
linuxlinux_kernel*≥5.16  –  <6.1.124
linuxlinux_kernel*≥6.2  –  <6.6.70
linuxlinux_kernel*≥6.7  –  <6.12.9
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any

References 9

  • git.kernel.org https://git.kernel.org/stable/c/712137b177b45f255ce5687e679d950fcb218256
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/900f83cf376bdaf798b6f5dcb2eae0c822e908b6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c1dbd28a079553de0023e1c938c713efeeee400f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c79324d42fa48372e0acb306a2761cc642bd4db0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efefe36c03a73bb81c0720ce397659a5051b73fa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f45a77dd24ae9ddb474303ec3975c376bd99fc51
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f70e4b9ec69d9a74b84c17767a9a4eda8c901021
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/712137b177b45f255ce5687e679d950fcb218256
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/900f83cf376bdaf798b6f5dcb2eae0c822e908b6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c1dbd28a079553de0023e1c938c713efeeee400f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c79324d42fa48372e0acb306a2761cc642bd4db0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efefe36c03a73bb81c0720ce397659a5051b73fa
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f45a77dd24ae9ddb474303ec3975c376bd99fc51
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f70e4b9ec69d9a74b84c17767a9a4eda8c901021
    Patch