Linux Kernel Tracing Bypass for SetUID Programs
CVE-2024-6760 Published on August 12, 2024
ktrace(2) fails to detach when executing a setuid binary
A logic bug in the code which disables kernel tracing for setuid programs meant that tracing was not disabled when it should have, allowing unprivileged users to trace and inspect the behavior of setuid programs.
The bug may be used by an unprivileged user to read the contents of files to which they would not otherwise have access, such as the local password database.
Vulnerability Analysis
CVE-2024-6760 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2024-6760 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2024-6760
stack.watch emails you whenever new vulnerabilities are published in FreeBSD or Linux Kernel. Just hit a watch button to start following.
Affected Versions
FreeBSD:- Version 14.1-RELEASE and below p3 is affected.
- Version 14.0-RELEASE and below p9 is affected.
- Version 13.3-RELEASE and below p5 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.