PT-2025-2832 · Linux+4 · Linux Kernel+4

Guangguan Wang

·

Published

2024-12-11

·

Updated

2026-05-26

·

CVE-2024-49568

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74
Description The issue concerns the Linux kernel, specifically the net/smc component. When receiving a proposal message in the server, the fields v2 ext offset, eid cnt, and ism gid cnt in the proposal message are from the remote client and cannot be fully trusted. Especially the field v2 ext offset, once it exceeds the maximum value, there is a chance to access the wrong address, and a crash may happen. This patch checks the fields v2 ext offset, eid cnt, and ism gid cnt before using them.
Recommendations For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting access to the net/smc component until a patch is available.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

AZL-68541
BDU:2025-06431
CVE-2024-49568
ECHO-CD41-38BA-EA1E
MGASA-2025-0030
MGASA-2025-0032
OESA-2025-1110
OESA-2025-1111
SUSE-SU-2025:02249-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02335-1
SUSE-SU-2025:02538-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_02249-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02335-1
SUSE-SU-2025_02538-1
USN-7379-1
USN-7379-2
USN-7380-1
USN-7381-1
USN-7382-1
USN-7513-1
USN-7513-2
USN-7513-3
USN-7513-4
USN-7513-5
USN-7514-1
USN-7515-1
USN-7515-2
USN-7522-1
USN-7523-1
USN-7524-1

Affected Products

Debian
Linuxmint
Linux Kernel
Suse
Ubuntu