PT-2025-8783 · Linux+7 · Linux Kernel+7

Syzbot

·

Published

2024-12-06

·

Updated

2026-04-20

·

CVE-2024-57996

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.10.0
Description A vulnerability has been identified in the Linux kernel, specifically in the net sched module, where the sch sfq implementation does not work correctly with a limit of 1 packet. This issue can cause an array-index-out-of-bounds error in the sfq head array, leading to a crash. The vulnerability can be triggered by sending two packets in a specific scenario, causing the qdisc qlen to underflow and resulting in an out-of-bounds access.
Recommendations For Linux kernel versions prior to 5.10.0, apply the patch that adds a check to prevent the limit from being set to 1, as this will prevent the array-index-out-of-bounds error and subsequent crash. As a temporary workaround, consider disabling the sfq qdisc until a patch is available.

Exploit

Fix

LPE

Improper Validation of Array Index

Weakness Enumeration

CWE-129

Related Identifiers

ALT-PU-2025-12647
AZL-57993
BDU:2025-11898
CVE-2024-57996
DLA-4102-1
DLA-4327-1
OESA-2025-1408
OESA-2025-1446
OESA-2025-1450
OPENSUSE-SU-2025_1177-1
OPENSUSE-SU-2025_1178-1
OPENSUSE-SU-2025_1180-1
OPENSUSE-SU-2025_1263-1
SUSE-SU-2025:01839-1
SUSE-SU-2025:01840-1
SUSE-SU-2025:01843-1
SUSE-SU-2025:01844-1
SUSE-SU-2025:01849-1
SUSE-SU-2025:01851-1
SUSE-SU-2025:01853-1
SUSE-SU-2025:01868-1
SUSE-SU-2025:01869-1
SUSE-SU-2025:01873-1
SUSE-SU-2025:01875-1
SUSE-SU-2025:01892-1
SUSE-SU-2025:01893-1
SUSE-SU-2025:01894-1
SUSE-SU-2025:01899-1
SUSE-SU-2025:01901-1
SUSE-SU-2025:01906-1
SUSE-SU-2025:01907-1
SUSE-SU-2025:01908-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01922-1
SUSE-SU-2025:01927-1
SUSE-SU-2025:01928-1
SUSE-SU-2025:01929-1
SUSE-SU-2025:01930-1
SUSE-SU-2025:01932-1
SUSE-SU-2025:01935-1
SUSE-SU-2025:01944-1
SUSE-SU-2025:01948-1
SUSE-SU-2025:01949-1
SUSE-SU-2025:01950-1
SUSE-SU-2025:01956-1
SUSE-SU-2025:01957-1
SUSE-SU-2025:01958-1
SUSE-SU-2025:0983-1
SUSE-SU-2025:1027-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1177-1
SUSE-SU-2025:1178-1
SUSE-SU-2025:1180-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1194-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1263-1
SUSE-SU-2025:1293-1
SUSE-SU-2025:20190-1
SUSE-SU-2025:20192-1
SUSE-SU-2025:20260-1
SUSE-SU-2025:20270-1
SUSE-SU-2025:20381-1
SUSE-SU-2025:20382-1
SUSE-SU-2025:20383-1
SUSE-SU-2025:20384-1
SUSE-SU-2025:20386-1
SUSE-SU-2025:20387-1
SUSE-SU-2025:20388-1
SUSE-SU-2025:20389-1
SUSE-SU-2025:20397-1
SUSE-SU-2025:20398-1
SUSE-SU-2025:20399-1
SUSE-SU-2025:20400-1
SUSE-SU-2025:20401-1
SUSE-SU-2025:20402-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_0983-1
SUSE-SU-2025_1027-1
SUSE-SU-2025_1177-1
SUSE-SU-2025_1178-1
SUSE-SU-2025_1180-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1263-1
SUSE-SU-2025_1293-1
SUSE-SU-2026:0385-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7651-1
USN-7651-2
USN-7651-3
USN-7651-4
USN-7651-5
USN-7651-6
USN-7652-1
USN-7653-1
USN-7725-1
USN-7725-2
USN-7725-3
USN-7726-1
USN-7726-2
USN-7726-3
USN-7726-4
USN-7726-5
USN-7727-1
USN-7727-2
USN-7727-3
USN-7754-1
USN-7754-2
USN-7755-1
USN-7755-2
USN-7755-3
USN-7776-1
USN-7779-1
USN-7802-1
USN-7809-1
USN-7819-1
USN-7819-2
USN-7820-1
USN-7832-1
USN-7875-1

Affected Products

Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu