{"id":"CVE-2024-36918","summary":"bpf: Check bloom filter map value size","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check bloom filter map value size\n\nThis patch adds a missing check to bloom filter creating, rejecting\nvalues above KMALLOC_MAX_SIZE. This brings the bloom map in line with\nmany other map types.\n\nThe lack of this protection can cause kernel crashes for value sizes\nthat overflow int's. Such a crash was caught by syzkaller. The next\npatch adds more guard-rails at a lower level.","modified":"2026-04-02T12:16:34.051983Z","published":"2024-05-30T15:29:13.904Z","related":["MGASA-2024-0263","MGASA-2024-0266","SUSE-SU-2024:2008-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36918.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/608e13706c8b6c658a0646f09ebced74ec367f7c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a8d89feba7e54e691ca7c4efc2a6264fa83f3687"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c418afb9bf23e2f2b76cb819601e4a5d9dbab42d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fa6995eeb62e74b5a1480c73fb7b420c270784d3"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36918.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36918"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9330986c03006ab1d33d243b7cfe598a7a3c1baa"},{"fixed":"fa6995eeb62e74b5a1480c73fb7b420c270784d3"},{"fixed":"608e13706c8b6c658a0646f09ebced74ec367f7c"},{"fixed":"c418afb9bf23e2f2b76cb819601e4a5d9dbab42d"},{"fixed":"a8d89feba7e54e691ca7c4efc2a6264fa83f3687"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36918.json"}}],"schema_version":"1.7.5"}