PT-2024-37004 · Linux+7 · Linux Kernel+7
Vincent Whitchurch
·
Published
2024-12-28
·
Updated
2025-10-03
·
CVE-2024-56694
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to v6.9
Description
The issue occurs when the stream verdict program returns SK PASS, placing the received skb into its own receive queue, but a recursive lock eventually occurs, leading to an operating system deadlock. This problem has been present since version v6.9. The
sk psock strp data ready function is involved, which calls write lock bh(&sk->sk callback lock) and later read lock bh(&sk->sk callback lock), resulting in a deadlock.Recommendations
For Linux kernel versions prior to v6.9, update to a version that includes the fix for the recursive lock issue.
As a temporary workaround, consider disabling the
stream verdict program or restricting its use to minimize the risk of exploitation.
Avoid using the sk psock strp data ready function until the issue is resolved.Exploit
Fix
Improper Locking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu