CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-57931: selinux: ignore unknown extended permissions

Description

In the Linux kernel, the following vulnerability has been resolved:

selinux: ignore unknown extended permissions

When evaluating extended permissions, ignore unknown permissions instead
of calling BUG(). This commit ensures that future permissions can be
added without interfering with older kernels.

Classification

CVE ID: CVE-2024-57931

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.61% (scored less or equal to compared to others)

EPSS Date: 2025-02-19 (when was this score calculated)

References

https://git.kernel.org/stable/c/f45a77dd24ae9ddb474303ec3975c376bd99fc51
https://git.kernel.org/stable/c/712137b177b45f255ce5687e679d950fcb218256
https://git.kernel.org/stable/c/f70e4b9ec69d9a74b84c17767a9a4eda8c901021
https://git.kernel.org/stable/c/c79324d42fa48372e0acb306a2761cc642bd4db0
https://git.kernel.org/stable/c/c1dbd28a079553de0023e1c938c713efeeee400f
https://git.kernel.org/stable/c/efefe36c03a73bb81c0720ce397659a5051b73fa
https://git.kernel.org/stable/c/900f83cf376bdaf798b6f5dcb2eae0c822e908b6

Timeline

2025-01-22 00:30:40 UTC
CVE

selinux: ignore unknown extended permissions