PT-2025-3573 · Linux+6 · Linux Kernel+6
Guangguan Wang
·
Published
2024-12-11
·
Updated
2025-05-29
·
CVE-2024-57791
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.6.74
Description
A vulnerability in the Linux kernel has been identified where the field length in
smc clc msg hdr indicates the length of a message to be received from the network. This value should not be fully trusted as it comes from the network. If the length exceeds the buflen value in the smc clc wait msg function, it may cause a deadloop when trying to drain the remaining data. The patch checks the return value of sock recvmsg when draining data to prevent this deadloop.Recommendations
For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting network access to minimize the risk of exploitation until the update can be applied.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu