PT-2024-36941 · Linux+6 · Linux Kernel+6
Published
2024-10-16
·
Updated
2026-05-19
·
CVE-2024-56633
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
The issue is related to the sk memory accounting logic in the Linux kernel, specifically in the
tcp bpf sendmsg function. The current logic pre-uncharges tosend bytes, which can lead to potential problems, such as missing uncharging of bytes when tosend is set to apply bytes and an error occurs. This can cause a warning to be reported when running the selftest test txmsg redir wait sndmem with txmsg apply. The issue is resolved by delaying the uncharging after sent bytes are finalized and invoking sk msg free when an error occurs.Recommendations
To resolve the issue, update to Linux kernel version 6.6.74 or later.
For versions prior to 6.6.74, consider applying the fix to the
tcp bpf sendmsg function to delay the uncharging after sent bytes are finalized and invoke sk msg free when an error occurs.Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu