cve/2024/CVE-2024-38566.md
2025-09-29 21:09:30 +02:00

### [CVE-2024-38566](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38566)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6fcd486b3a0a628c41f12b3a7329a18a2c74b351%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
### Description
In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix verifier assumptions about socket->sk

The verifier assumes that 'sk' field in 'struct socket' is valid and non-NULL when 'socket' pointer itself is trusted and non-NULL. That may not be the case when socket was just created and passed to LSM socket_accept hook. Fix this verifier assumption and adjust tests.
### POC
#### Reference
- https://git.kernel.org/stable/c/0db63c0b86e981a1e97d2596d64ceceba1a5470e
#### Github
No PoCs found on GitHub currently.