DescriptionIf kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs1071747

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
bpfcc (PTS)bullseye0.18.0+ds-2vulnerable
sid, trixie0.30.0+ds-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bpfccsourcebuster(not affected)


[bookworm] - bpfcc <no-dsa> (Minor issue)
[bullseye] - bpfcc <no-dsa> (Minor issue)
[buster] - bpfcc <not-affected> (Vulnerable code introduced later)
Fixed by: (v0.30.0)
Introduced by: (v0.10.0)
Attempt to mitigate in (applied in 0.25.0+ds-2), and
resulting in the additional problem in

Search for package or bug name: Reporting problems