PT-2024-35613 · Linux · Linux Kernel
Liu Jian · Published 2024-11-28 · Updated 2026-05-26
CVE-2024-53168
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.12.0-rc4-dirty
Description
A use-after-free issue has been identified in the Linux kernel's sunrpc module, in its handling of the kernel's TCP sockets. The issue arises when the TCP socket in a network namespace is shut down and closed but the FIN message with acknowledgement is discarded, so the nfsd side continues to send retransmission messages. When the TCP socket then processes a received message, it sends the FIN message that is still in the sending queue and the TCP timer is re-established, which causes problems when the network namespace is deleted.
Recommendations
To resolve this issue, hold the netns refcnt for the TCP kernel socket as done in other modules. This can be backported to earlier kernels. A proper fix that cleans up the interfaces will follow, but may not be easy to backport.
For versions prior to 6.12.0-rc4-dirty, consider applying the provided fix or waiting for an official patch.
Weakness Enumeration
Use After Free
Affected Products
ALT Linux
Astra Linux
Debian
Linux Mint
Linux Kernel
SUSE
Ubuntu