
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2024-36481 is a vulnerability in the Linux kernel's tracing/probes subsystem, discovered and disclosed on June 21, 2024. The issue affects the parse_btf_field() function where btf_find_struct_member() might return NULL or an error via the ERR_PTR() macro, but its caller only checks for the NULL condition (CVE, Ubuntu).
The vulnerability exists in the kernel's tracing probe functionality where the parse_btf_field() function fails to properly handle error conditions returned by btf_find_struct_member(). The function only checks for NULL returns but doesn't properly handle error cases that could be returned via the ERR_PTR() macro. The issue has been assigned a CVSS 3 Severity Score of 5.5 (Medium) (Ubuntu).
The vulnerability could potentially lead to system instability or denial of service conditions when processing BTF (BPF Type Format) field access in the Linux kernel's tracing subsystem (Rapid7).
The vulnerability has been fixed in multiple Linux kernel versions. The fix involves using IS_ERR() to properly check for and handle error conditions, returning the error up the stack. Updates are available for various Ubuntu releases including 24.04 LTS (noble) with kernel version 6.8.0-44.44 and other kernel variants (Ubuntu, Kernel Commit).
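The check described above can be modelled in userspace. This is an added example, not the kernel's code or the upstream patch: the ERR_PTR helpers are simplified stand-ins, and `find_member()`, `struct member`, `WOULD_DEREF`, the sample data and the -ENOENT return for a miss are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified userspace stand-ins for the kernel's ERR_PTR helpers. */
#define MAX_ERRNO 4095
static void *ERR_PTR(long err) { return (void *)err; }
static long PTR_ERR(const void *p) { return (long)p; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct member { const char *name; int offset; };               /* hypothetical type */
static struct member demo[] = { { "pid", 0 }, { "comm", 8 } }; /* constructed data */

/* Hypothetical lookup with the three-way contract the page describes:
 * a valid pointer on a hit, NULL on a miss, ERR_PTR() on a failure. */
static struct member *find_member(const char *name, int type_ok)
{
    if (!type_ok)
        return ERR_PTR(-EINVAL);
    for (size_t i = 0; i < sizeof(demo) / sizeof(demo[0]); i++)
        if (strcmp(demo[i].name, name) == 0)
            return &demo[i];
    return NULL;
}

#define WOULD_DEREF 1 /* the caller judged the pointer safe to use */

/* Pre-fix pattern: only NULL is rejected, so an ERR_PTR value passes. */
static int check_null_only(struct member *m)
{
    return m ? WOULD_DEREF : -ENOENT;
}

/* Fixed pattern: IS_ERR() is tested first and the errno goes up the stack. */
static int check_fixed(struct member *m)
{
    if (IS_ERR(m))
        return (int)PTR_ERR(m);
    return m ? WOULD_DEREF : -ENOENT;
}

int main(void)
{
    struct member *m = find_member("pid", 0); /* lookup fails with an error */
    printf("NULL-only check: %d, IS_ERR check: %d\n",
           check_null_only(m), check_fixed(m));
    return 0;
}
```

An error pointer is a non-NULL value near the top of the address space, which is why a NULL-only test lets it through to a later dereference.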
Source: This report was generated using AI