PT-2024-37033 · Linux+7 · Linux Kernel+7

Published

2024-12-29

·

Updated

2025-10-03

·

CVE-2024-56720

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue concerns several fixes to bpf msg pop data in the Linux kernel, specifically in the bpf and sockmap components. The fixes address various problems, including the need to put page in sk msg shift left, returning early when len equals 0, supporting the pop of the entire sk msg when last equals msg->sg.size, fixing the value of variable a, and avoiding additional sk msg iter var next calls after shifting in sk msg shift left to prevent a bug.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-401CWE-193

Related Identifiers

ALT-PU-2024-17893
ALT-PU-2025-12647
AZL-55259
AZL-55265
BDU:2025-05093
CVE-2024-56720
DLA-4075-1
DLA-4076-1
OESA-2025-1078
OESA-2025-1079
OPENSUSE-SU-2025_0847-1
OPENSUSE-SU-2025_0856-1
OPENSUSE-SU-2025_0955-1
SUSE-SU-2025:0784-1
SUSE-SU-2025:0847-1
SUSE-SU-2025:0856-1
SUSE-SU-2025:0955-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025_0847-1
SUSE-SU-2025_0856-1
SUSE-SU-2025_0955-1
USN-7276-1
USN-7277-1
USN-7310-1
USN-7387-1
USN-7387-2
USN-7387-3
USN-7388-1
USN-7389-1
USN-7390-1
USN-7391-1
USN-7392-1
USN-7392-2
USN-7392-3
USN-7392-4
USN-7393-1
USN-7401-1
USN-7407-1
USN-7413-1
USN-7421-1
USN-7449-1
USN-7449-2
USN-7450-1
USN-7451-1
USN-7452-1
USN-7453-1
USN-7458-1
USN-7459-1
USN-7459-2
USN-7463-1
USN-7468-1
USN-7523-1
USN-7524-1
USN-7539-1
USN-7540-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu