If kernel headers need to be extracted, bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2313 https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998
Created bpftrace tracking bugs for this issue: Affects: fedora-all [bug 2269015]