PT-2024-36957 · Linux+7 · Linux Kernel+7

Syzbot

·

Published

2024-11-26

·

Updated

2025-10-03

·

CVE-2024-56648

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description A potential out-of-bound access issue has been identified in the Linux kernel, specifically in the fill frame info() function. This issue can be triggered by sending a packet with 14 bytes, pretending to be a VLAN packet. The fill frame info() function relies on skb->mac len, and the check has been extended to cover this case. The issue is related to an uninit-value in fill frame info() and hsr forward skb().
Recommendations Update to Linux kernel version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable fill frame info() function until a patch is available.

Exploit

Fix

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

ALT-PU-2024-17881
ALT-PU-2024-17897
ALT-PU-2025-12647
AZL-54785
AZL-54818
BDU:2025-06091
CVE-2024-56648
DLA-4075-1
DLA-4076-1
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1080
OESA-2025-1081
OESA-2025-1339
OESA-2025-1340
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0556-1
OPENSUSE-SU-2025_0557-1
OPENSUSE-SU-2025_0576-1
OPENSUSE-SU-2025_0577-1
OPENSUSE-SU-2025_0903-1
OPENSUSE-SU-2025_0906-1
OPENSUSE-SU-2025_0910-1
OPENSUSE-SU-2025_0911-1
OPENSUSE-SU-2025_0917-1
OPENSUSE-SU-2025_0919-1
OPENSUSE-SU-2025_0920-1
OPENSUSE-SU-2025_0922-1
OPENSUSE-SU-2025_0929-1
OPENSUSE-SU-2025_0937-1
OPENSUSE-SU-2025_0946-1
OPENSUSE-SU-2025_0949-1
OPENSUSE-SU-2025_0950-1
OPENSUSE-SU-2025_0952-1
OPENSUSE-SU-2025_0962-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0555-1
SUSE-SU-2025:0556-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:0576-1
SUSE-SU-2025:0577-1
SUSE-SU-2025:0577-2
SUSE-SU-2025:0885-1
SUSE-SU-2025:0886-1
SUSE-SU-2025:0888-1
SUSE-SU-2025:0889-1
SUSE-SU-2025:0903-1
SUSE-SU-2025:0906-1
SUSE-SU-2025:0910-1
SUSE-SU-2025:0911-1
SUSE-SU-2025:0917-1
SUSE-SU-2025:0919-1
SUSE-SU-2025:0920-1
SUSE-SU-2025:0922-1
SUSE-SU-2025:0929-1
SUSE-SU-2025:0937-1
SUSE-SU-2025:0946-1
SUSE-SU-2025:0949-1
SUSE-SU-2025:0950-1
SUSE-SU-2025:0952-1
SUSE-SU-2025:0962-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20186-1
SUSE-SU-2025:20188-1
SUSE-SU-2025:20189-1
SUSE-SU-2025:20191-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025:20285-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0557-1
SUSE-SU-2025_0577-1
SUSE-SU-2025_0577-2
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7407-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7468-1
USN-7523-1
USN-7524-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu