PT-2024-36974 · Linux+8 · Linux Kernel+8

Published

2024-12-10

·

Updated

2026-01-14

·

CVE-2024-56664

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description A race condition exists between element replacement and close() in the Linux kernel's bpf and sockmap handling. This can lead to a situation where an element is unreferenced incorrectly, resulting in a slab-use-after-free error. The issue arises when an element replacement occurs concurrently with the close() operation on a socket, causing the sock map delete() function to unconditionally unref the wrong element. This can trigger a KASAN splat and produce refcount t warnings.
Recommendations To resolve this issue, update the Linux kernel to version 6.6.74 or later. As a temporary workaround, consider disabling the sock map update elem function until a patch is available. Restrict access to the vulnerable sock map free function to minimize the risk of exploitation. Avoid using the map update elem function with sockets that are being closed concurrently.

Exploit

Fix

Use After Free

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416CWE-362

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALT-PU-2024-17881
ALT-PU-2025-12647
ALT-PU-2025-3496
AZL-54779
AZL-54812
BDU:2025-04674
CVE-2024-56664
DLA-4076-1
DLA-4178-1
DSA-5860-1
INFSA-2025_6966
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1409
OESA-2025-1410
OESA-2025-1446
OESA-2025-1450
OPENSUSE-SU-2025_0428-1
OPENSUSE-SU-2025_0499-1
OPENSUSE-SU-2025_0517-1
OPENSUSE-SU-2025_0517-2
OPENSUSE-SU-2025_0556-1
OPENSUSE-SU-2025_0557-1
OPENSUSE-SU-2025_0576-1
OPENSUSE-SU-2025_0577-1
OPENSUSE-SU-2025_0771-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2025:0236-1
SUSE-SU-2025:02601-1
SUSE-SU-2025:02604-1
SUSE-SU-2025:02607-1
SUSE-SU-2025:02610-1
SUSE-SU-2025:02618-1
SUSE-SU-2025:02627-1
SUSE-SU-2025:02632-1
SUSE-SU-2025:02636-1
SUSE-SU-2025:02638-1
SUSE-SU-2025:02648-1
SUSE-SU-2025:02652-1
SUSE-SU-2025:02673-1
SUSE-SU-2025:02688-1
SUSE-SU-2025:02691-1
SUSE-SU-2025:02697-1
SUSE-SU-2025:02698-1
SUSE-SU-2025:0289-1
SUSE-SU-2025:0428-1
SUSE-SU-2025:0499-1
SUSE-SU-2025:0555-1
SUSE-SU-2025:0556-1
SUSE-SU-2025:0557-1
SUSE-SU-2025:0576-1
SUSE-SU-2025:0577-1
SUSE-SU-2025:0577-2
SUSE-SU-2025:0771-1
SUSE-SU-2025:0867-1
SUSE-SU-2025:20165-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20248-1
SUSE-SU-2025:20249-1
SUSE-SU-2025:20568-1
SUSE-SU-2025:20575-1
SUSE-SU-2025:20576-1
SUSE-SU-2025:20578-1
SUSE-SU-2025:20579-1
SUSE-SU-2025:20584-1
SUSE-SU-2025:20610-1
SUSE-SU-2025:20611-1
SUSE-SU-2025:20620-1
SUSE-SU-2025:20625-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_0236-1
SUSE-SU-2025_0428-1
SUSE-SU-2025_0499-1
SUSE-SU-2025_0517-1
SUSE-SU-2025_0517-2
SUSE-SU-2025_0557-1
SUSE-SU-2025_0577-1
SUSE-SU-2025_0577-2
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1
USN-7591-1
USN-7591-2
USN-7591-3
USN-7591-4
USN-7591-5
USN-7591-6
USN-7592-1
USN-7593-1
USN-7597-1
USN-7597-2
USN-7598-1
USN-7602-1
USN-7655-1
USN-7874-1
USN-7874-2
USN-7874-3
USN-7939-1
USN-7939-2

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu