Red Hat Product Errata RHSA-2024:9188 - Security Advisory
Issued:
2024-11-12
Updated:
2024-11-12

RHSA-2024:9188 - Security Advisory

Synopsis

Low: bpftrace security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for bpftrace is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap

Security Fix(es):

  • bpftrace: unprivileged users can force loading of compromised linux headers (CVE-2024-2313)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.5 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

  • BZ - 2269014 - CVE-2024-2313 bpftrace: unprivileged users can force loading of compromised linux headers
  • RHEL-30779 - Rebase bpftrace to the latest version

Red Hat Enterprise Linux for x86_64 9

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
x86_64
bpftrace-0.21.1-1.el9.x86_64.rpm SHA-256: 1b8d012f4958f0b821151c2c18645823c4386d7ddf6415fea270f0245b2b8083
bpftrace-debuginfo-0.21.1-1.el9.x86_64.rpm SHA-256: 4112a4f556804338be5b7ce7d52e6369a4035abc901bf77a5b186a7e0337232d
bpftrace-debugsource-0.21.1-1.el9.x86_64.rpm SHA-256: d92aa5a6751d89bf53a997c21e8333bbece3e140b0d82ddf2f51c2850c310d07

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
x86_64
bpftrace-0.21.1-1.el9.x86_64.rpm SHA-256: 1b8d012f4958f0b821151c2c18645823c4386d7ddf6415fea270f0245b2b8083
bpftrace-debuginfo-0.21.1-1.el9.x86_64.rpm SHA-256: 4112a4f556804338be5b7ce7d52e6369a4035abc901bf77a5b186a7e0337232d
bpftrace-debugsource-0.21.1-1.el9.x86_64.rpm SHA-256: d92aa5a6751d89bf53a997c21e8333bbece3e140b0d82ddf2f51c2850c310d07

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
x86_64
bpftrace-0.21.1-1.el9.x86_64.rpm SHA-256: 1b8d012f4958f0b821151c2c18645823c4386d7ddf6415fea270f0245b2b8083
bpftrace-debuginfo-0.21.1-1.el9.x86_64.rpm SHA-256: 4112a4f556804338be5b7ce7d52e6369a4035abc901bf77a5b186a7e0337232d
bpftrace-debugsource-0.21.1-1.el9.x86_64.rpm SHA-256: d92aa5a6751d89bf53a997c21e8333bbece3e140b0d82ddf2f51c2850c310d07

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
s390x
bpftrace-0.21.1-1.el9.s390x.rpm SHA-256: 333c04f8e7379e507fca2a2e7c81a7e68188999d141c2f8e034533b64e3a348f
bpftrace-debuginfo-0.21.1-1.el9.s390x.rpm SHA-256: ee9c69e14994be8373a88600e841a0de481959e6917bd775207b49c3b3c07889
bpftrace-debugsource-0.21.1-1.el9.s390x.rpm SHA-256: c00011d74fe6281618d947d3930a8781607e3b9751342a04783143e36a6b22b6

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
s390x
bpftrace-0.21.1-1.el9.s390x.rpm SHA-256: 333c04f8e7379e507fca2a2e7c81a7e68188999d141c2f8e034533b64e3a348f
bpftrace-debuginfo-0.21.1-1.el9.s390x.rpm SHA-256: ee9c69e14994be8373a88600e841a0de481959e6917bd775207b49c3b3c07889
bpftrace-debugsource-0.21.1-1.el9.s390x.rpm SHA-256: c00011d74fe6281618d947d3930a8781607e3b9751342a04783143e36a6b22b6

Red Hat Enterprise Linux for Power, little endian 9

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
ppc64le
bpftrace-0.21.1-1.el9.ppc64le.rpm SHA-256: a8fed3837f8004a41940e1c28917566d6023045edb141d2cdeeabf6d9d178e3e
bpftrace-debuginfo-0.21.1-1.el9.ppc64le.rpm SHA-256: c09d872fdded33514f9a888b86b721af85038861edcd1d4908111fbb636964ab
bpftrace-debugsource-0.21.1-1.el9.ppc64le.rpm SHA-256: ac98b080276728316a487ed43965ada8aa90ac25440fb5b3520fd6d8cc6ced34

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
ppc64le
bpftrace-0.21.1-1.el9.ppc64le.rpm SHA-256: a8fed3837f8004a41940e1c28917566d6023045edb141d2cdeeabf6d9d178e3e
bpftrace-debuginfo-0.21.1-1.el9.ppc64le.rpm SHA-256: c09d872fdded33514f9a888b86b721af85038861edcd1d4908111fbb636964ab
bpftrace-debugsource-0.21.1-1.el9.ppc64le.rpm SHA-256: ac98b080276728316a487ed43965ada8aa90ac25440fb5b3520fd6d8cc6ced34

Red Hat Enterprise Linux for ARM 64 9

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
aarch64
bpftrace-0.21.1-1.el9.aarch64.rpm SHA-256: 53754ebdc3078b79d2796c97d98b878077056347cc45450f2a07edd5fde8a66e
bpftrace-debuginfo-0.21.1-1.el9.aarch64.rpm SHA-256: 2048bd88d6aa981b2b698381cffde7b712391b8e9856ca7573fe92d0132952ef
bpftrace-debugsource-0.21.1-1.el9.aarch64.rpm SHA-256: 45268d55512012ee872e330897c2cdbb39a93ee19fbf04645dc6446d10feb6ea

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
aarch64
bpftrace-0.21.1-1.el9.aarch64.rpm SHA-256: 53754ebdc3078b79d2796c97d98b878077056347cc45450f2a07edd5fde8a66e
bpftrace-debuginfo-0.21.1-1.el9.aarch64.rpm SHA-256: 2048bd88d6aa981b2b698381cffde7b712391b8e9856ca7573fe92d0132952ef
bpftrace-debugsource-0.21.1-1.el9.aarch64.rpm SHA-256: 45268d55512012ee872e330897c2cdbb39a93ee19fbf04645dc6446d10feb6ea

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
ppc64le
bpftrace-0.21.1-1.el9.ppc64le.rpm SHA-256: a8fed3837f8004a41940e1c28917566d6023045edb141d2cdeeabf6d9d178e3e
bpftrace-debuginfo-0.21.1-1.el9.ppc64le.rpm SHA-256: c09d872fdded33514f9a888b86b721af85038861edcd1d4908111fbb636964ab
bpftrace-debugsource-0.21.1-1.el9.ppc64le.rpm SHA-256: ac98b080276728316a487ed43965ada8aa90ac25440fb5b3520fd6d8cc6ced34

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
x86_64
bpftrace-0.21.1-1.el9.x86_64.rpm SHA-256: 1b8d012f4958f0b821151c2c18645823c4386d7ddf6415fea270f0245b2b8083
bpftrace-debuginfo-0.21.1-1.el9.x86_64.rpm SHA-256: 4112a4f556804338be5b7ce7d52e6369a4035abc901bf77a5b186a7e0337232d
bpftrace-debugsource-0.21.1-1.el9.x86_64.rpm SHA-256: d92aa5a6751d89bf53a997c21e8333bbece3e140b0d82ddf2f51c2850c310d07

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
aarch64
bpftrace-0.21.1-1.el9.aarch64.rpm SHA-256: 53754ebdc3078b79d2796c97d98b878077056347cc45450f2a07edd5fde8a66e
bpftrace-debuginfo-0.21.1-1.el9.aarch64.rpm SHA-256: 2048bd88d6aa981b2b698381cffde7b712391b8e9856ca7573fe92d0132952ef
bpftrace-debugsource-0.21.1-1.el9.aarch64.rpm SHA-256: 45268d55512012ee872e330897c2cdbb39a93ee19fbf04645dc6446d10feb6ea

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
bpftrace-0.21.1-1.el9.src.rpm SHA-256: 05c60476eb30313565db86ed2c47b24eacb0497179ff462dc1f7a1c30dda51e2
s390x
bpftrace-0.21.1-1.el9.s390x.rpm SHA-256: 333c04f8e7379e507fca2a2e7c81a7e68188999d141c2f8e034533b64e3a348f
bpftrace-debuginfo-0.21.1-1.el9.s390x.rpm SHA-256: ee9c69e14994be8373a88600e841a0de481959e6917bd775207b49c3b3c07889
bpftrace-debugsource-0.21.1-1.el9.s390x.rpm SHA-256: c00011d74fe6281618d947d3930a8781607e3b9751342a04783143e36a6b22b6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.