5.5
CVE-2024-56720
- EPSS 0.23%
- Veröffentlicht 29.12.2024 12:15:06
- Zuletzt bearbeitet 03.11.2025 21:18:23
- CVE-Watchlists
- Unerledigt
bpf, sockmap: Several fixes to bpf_msg_pop_data
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Several fixes to bpf_msg_pop_data Several fixes to bpf_msg_pop_data, 1. In sk_msg_shift_left, we should put_page 2. if (len == 0), return early is better 3. pop the entire sk_msg (last == msg->sg.size) should be supported 4. Fix for the value of variable "a" 5. In sk_msg_shift_left, after shifting, i has already pointed to the next element. Addtional sk_msg_iter_var_next may result in BUG.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.0 < 5.4.287
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.231
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.174
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.120
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.64
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.11
Linux ≫ Linux Kernel Version >= 6.12 < 6.12.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.134 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-193 Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/275a9f3ef8fabb0cb282a62b9e164dedba7284c5
https://git.kernel.org/stable/c/5d609ba262475db450ba69b8e8a557bd768ac07a
https://git.kernel.org/stable/c/785180bed9879680d8e5c5e1b54c8ae8d948f4c8
https://git.kernel.org/stable/c/98c7ea7d11f2588e8197db042e0291e4ac8f8346
https://git.kernel.org/stable/c/d26d977633d1d0b8bf9407278189bd0a8d973323
https://git.kernel.org/stable/c/d3f5763b3062514a234114e97bbde74d8d702449
https://git.kernel.org/stable/c/e1f54c61c4c9a5244eb8159dce60d248f7d97b32
https://git.kernel.org/stable/c/f58d3aa457e77a3d9b3df2ab081dcf9950f6029f
https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html