CVE-2024-56783

EPSS 0.03%
Veröffentlicht 08.01.2025 18:15:19
Zuletzt bearbeitet 03.11.2025 21:18:32
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level

cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to
restrict this maximum depth to a more reasonable value not to harm
performance. Remove unnecessary WARN_ON_ONCE which is reachable from
userspace.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 6.1.112 < 6.1.120

Linux ≫ Linux Kernel Version >= 6.6.53 < 6.6.66

Linux ≫ Linux Kernel Version >= 6.10.12 < 6.12.5

Linux ≫ Linux Kernel Version6.13 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.077

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://git.kernel.org/stable/c/2f9bec0a749eb646b384fde0c7b7c24687b2ffae

Patch

https://git.kernel.org/stable/c/7064a6daa4a700a298fe3aee11dea296bfe59fc4

Patch

https://git.kernel.org/stable/c/b7529880cb961d515642ce63f9d7570869bbbdc3

Patch

https://git.kernel.org/stable/c/e227c042580ab065edc610c9ddc9bea691e6fc4d

Patch

https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html

https://nvd.nist.gov/vuln/detail/CVE-2024-56783

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-56783

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-56783

EUVD