CVE-2024-53212

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability has been resolved in the Linux kernel related to netlink, specifically fixing a false positive warning in extack during dumps. The issue arises when the dump starts okay but fails later, and the input skb has already had the initiating message pulled, causing the check for bad attr to fail. The fix involves switching the check to use nlh, which is always valid. This issue was identified by syzbot, which found a way to trigger the scenario by filling up the receive queue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.