PT-2025-34361 · Linux+4 · Linux Kernel+4

Published

2024-02-15

·

Updated

2026-01-22

·

CVE-2024-58239

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified)
Description: The Linux kernel contains an issue where the recv() function may continue processing even after process rx list returns a non-DATA record. This can lead to merging of records, potentially causing unexpected behavior. The issue occurs when a non-DATA record is present on the receive list (rx list) and another record of the same type remains in the queue. The process rx list function copies the non-DATA record, and the loop continues processing records of the same type, ultimately breaking out of the loop without processing DATA.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Infinite Loop

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-835

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2025-12996
CVE-2024-58239
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2025:03272-1
SUSE-SU-2025:03283-1
SUSE-SU-2025:03290-1
SUSE-SU-2025:03301-1
SUSE-SU-2025:03310-1
SUSE-SU-2025:03314-1
SUSE-SU-2025:03344-1
SUSE-SU-2025:03382-1
SUSE-SU-2025:03383-1
SUSE-SU-2025:03384-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20653-1
SUSE-SU-2025:20669-1
SUSE-SU-2025:20739-1
SUSE-SU-2025:20756-1
SUSE-SU-2025_03272-1
SUSE-SU-2025_03290-1
SUSE-SU-2025_03301-1
SUSE-SU-2025_03310-1
SUSE-SU-2025_03314-1
SUSE-SU-2025_03344-1
SUSE-SU-2025_03382-1
SUSE-SU-2026:0163-1
SUSE-SU-2026:0166-1
SUSE-SU-2026:0168-1
SUSE-SU-2026:0173-1
SUSE-SU-2026:0174-1
SUSE-SU-2026:0180-1
SUSE-SU-2026:0184-1
SUSE-SU-2026:0186-1
SUSE-SU-2026:0191-1
SUSE-SU-2026:0206-1
SUSE-SU-2026:0246-1

Affected Products

Astra Linux
Linux Kernel
Red Hat
Red Os
Suse