PT-2024-35512 · Linux+4 · Linux Kernel+4

Published

2024-10-21

Updated

2025-10-03

CVE-2024-53047

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc2+

Description The issue arises when the socket is initialized without using rcu read lock(), despite an explicit comment above the declaration of mptcp sched find() in sched.c. This results in a warning about suspicious RCU usage when an MPTCP socket is created. The problem occurs when CONFIG PROVE RCU LIST is enabled with its dependence CONFIG RCU EXPERT. The warning is triggered by the lockdep rcu suspicious function and is followed by a stack backtrace.

Recommendations To resolve the issue, add the missing rcu read lock() and rcu read unlock() around the mptcp sched find() function call in sched.c. This will protect the scheduler with rcu read lock() and avoid the warning.

Note: The provided information does not specify the exact version where the issue is fixed, only that it is resolved in versions after 6.12.0-rc2+.

Exploit

Fix

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-17211

ALT-PU-2024-17891

ALT-PU-2025-12647

AZL-53894

BDU:2025-07881

CVE-2024-53047

INFSA-2025_6966

OESA-2024-2492

RHSA-2025:6966

RHSA-2025_6966

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Red Hat

Ubuntu

PT-2024-35512 · Linux+4 · Linux Kernel+4

CVE-2024-53047

Weakness Enumeration

Related Identifiers

Affected Products

References · 1169