Executive Summary

Informations
Name CVE-2024-53091 First vendor Publication 2024-11-21
Vendor Cve Last vendor Modification 2024-12-24

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 5.5
Base Score 5.5 Environmental Score 5.5
impact SubScore 3.6 Temporal Score 5.5
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx

As the introduction of the support for vsock and unix sockets in sockmap, tls_sw_has_ctx_tx/rx cannot presume the socket passed in must be IS_ICSK. vsock and af_unix sockets have vsock_sock and unix_sock instead of inet_connection_sock. For these sockets, tls_get_ctx may return an invalid pointer and cause page fault in function tls_sw_ctx_rx.

BUG: unable to handle page fault for address: 0000000000040030 Workqueue: vsock-loopback vsock_loopback_work RIP: 0010:sk_psock_strp_data_ready+0x23/0x60 Call Trace:
? __die+0x81/0xc3
? no_context+0x194/0x350
? do_page_fault+0x30/0x110
? async_page_fault+0x3e/0x50
? sk_psock_strp_data_ready+0x23/0x60
virtio_transport_recv_pkt+0x750/0x800
? update_load_avg+0x7e/0x620
vsock_loopback_work+0xd0/0x100
process_one_work+0x1a7/0x360
worker_thread+0x30/0x390
? create_worker+0x1a0/0x1a0
kthread+0x112/0x130
? __kthread_cancel_work+0x40/0x40
ret_from_fork+0x1f/0x40

v2:
- Add IS_ICSK check v3:
- Update the commits in Fixes

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53091

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Os 3689

Sources (Detail)

https://git.kernel.org/stable/c/44d0469f79bd3d0b3433732877358df7dc6b17b1
https://git.kernel.org/stable/c/6781cfa93a6a1b7f5be6819a5a2dd8f30f47ca26
https://git.kernel.org/stable/c/a078a480ff3f43d74d8a024ae10c3c7daf6db149
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
Date Informations
2025-03-29 03:43:36
  • Multiple Updates
2025-03-28 13:47:04
  • Multiple Updates
2025-03-28 03:21:22
  • Multiple Updates
2025-03-19 03:16:25
  • Multiple Updates
2025-03-18 03:29:23
  • Multiple Updates
2025-03-14 03:16:34
  • Multiple Updates
2025-03-06 14:13:07
  • Multiple Updates
2025-02-22 03:26:39
  • Multiple Updates
2025-01-08 03:07:32
  • Multiple Updates
2025-01-07 03:07:05
  • Multiple Updates
2024-12-24 21:20:41
  • Multiple Updates
2024-12-24 17:20:34
  • Multiple Updates
2024-11-22 13:22:56
  • First insertion