We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-44996

vsock: fix recursive ->recvmsg calls



Description

In the Linux kernel, the following vulnerability has been resolved: vsock: fix recursive ->recvmsg calls After a vsock socket has been added to a BPF sockmap, its prot->recvmsg has been replaced with vsock_bpf_recvmsg(). Thus the following recursiion could happen: vsock_bpf_recvmsg() -> __vsock_recvmsg() -> vsock_connectible_recvmsg() -> prot->recvmsg() -> vsock_bpf_recvmsg() again We need to fix it by calling the original ->recvmsg() without any BPF sockmap logic in __vsock_recvmsg().

Reserved 2024-08-21 | Published 2024-09-04 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

634f1a7110b439c65fd8a809171c1d2d28bcea6f before 921f1acf0c3cf6b1260ab57a8a6e8b3d5f3023d5
affected

634f1a7110b439c65fd8a809171c1d2d28bcea6f before b4ee8cf1acc5018ed1369150d7bb3e0d0f79e135
affected

634f1a7110b439c65fd8a809171c1d2d28bcea6f before 69139d2919dd4aa9a553c8245e7c63e82613e3fc
affected

Default status
affected

6.4
affected

Any version before 6.4
unaffected

6.6.48
unaffected

6.10.7
unaffected

6.11
unaffected

References

git.kernel.org/...c/921f1acf0c3cf6b1260ab57a8a6e8b3d5f3023d5

git.kernel.org/...c/b4ee8cf1acc5018ed1369150d7bb3e0d0f79e135

git.kernel.org/...c/69139d2919dd4aa9a553c8245e7c63e82613e3fc

cve.org (CVE-2024-44996)

nvd.nist.gov (CVE-2024-44996)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-44996

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.