CVE-2024-57931

medium

Description

In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling BUG(). This commit ensures that future permissions can be added without interfering with older kernels.

References

https://git.kernel.org/stable/c/f70e4b9ec69d9a74b84c17767a9a4eda8c901021

https://git.kernel.org/stable/c/f45a77dd24ae9ddb474303ec3975c376bd99fc51

https://git.kernel.org/stable/c/efefe36c03a73bb81c0720ce397659a5051b73fa

https://git.kernel.org/stable/c/c79324d42fa48372e0acb306a2761cc642bd4db0

https://git.kernel.org/stable/c/c1dbd28a079553de0023e1c938c713efeeee400f

https://git.kernel.org/stable/c/900f83cf376bdaf798b6f5dcb2eae0c822e908b6

https://git.kernel.org/stable/c/712137b177b45f255ce5687e679d950fcb218256

Details

Source: Mitre, NVD

Published: 2025-01-21

Updated: 2025-01-21

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium