Lucene search
LinuxVULNRICHMENT:CVE-2024-44996HistorySep 04, 2024 - 7:54 p.m.
CVE-2024-44996 vsock: fix recursive ->recvmsg calls
2024-09-0419:54:41
Linux
github.com
2
linux
kernel
vulnerability
vsock
recursion
fix
bpf
sockmap
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
vsock: fix recursive ->recvmsg calls
After a vsock socket has been added to a BPF sockmap, its prot->recvmsg
has been replaced with vsock_bpf_recvmsg(). Thus the following
recursiion could happen:
vsock_bpf_recvmsg()
-> __vsock_recvmsg()
-> vsock_connectible_recvmsg()
-> prot->recvmsg()
-> vsock_bpf_recvmsg() again
We need to fix it by calling the original ->recvmsg() without any BPF
sockmap logic in __vsock_recvmsg().
Related
debiancve
debiancve
CVE-2024-44996
2024-09-04 20:15:08
cvelist
cvelist
CVE-2024-44996 vsock: fix recursive ->recvmsg calls
2024-09-04 19:54:41
redhatcve
redhatcve
CVE-2024-44996
2024-09-04 22:16:16
cve
cve
CVE-2024-44996
2024-09-04 20:15:08
nvd
nvd
CVE-2024-44996
2024-09-04 20:15:08
ubuntucve
ubuntucve
CVE-2024-44996
2024-09-05 00:00:00
osv
osv
CVE-2024-44996
2024-09-04 20:15:08
mageia
mageia
Updated kernel, kmod-xtables-addons & kmod-virtualbox packages fix security vulnerabilities
2024-09-19 21:04:01
Updated kernel-linus packages fix security vulnerabilities
2024-09-19 21:04:01
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-44996