CVE-2024-50169
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
vsock: Update rx_bytes on read_skb()
Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb().
While here, also inform the peer that we've freed up space and it has more credit.
Failing to update rx_bytes after packet is dequeued leads to a warning on SOCK_STREAM recv():
[ 233.396654] rx_queue is empty, but rx_bytes is non-zero [ 233.396702] WARNING: CPU: 11 PID: 40601 at net/vmw_vsock/virtio_transport_common.c:589
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 634f1a7110b439c65fd8a809171c1d2d28bcea6f < 66cd51de31c682a311c2fa25c580b7ea45859dd9 | affected |
| Linux | Linux | 634f1a7110b439c65fd8a809171c1d2d28bcea6f < e5ca2b98090b4bb1c393088c724af6c37812a829 | affected |
| Linux | Linux | 634f1a7110b439c65fd8a809171c1d2d28bcea6f < 3543152f2d330141d9394d28855cb90b860091d2 | affected |
| Linux | Linux | 6.4 | affected |
| Linux | Linux | 0 < 6.4 | unaffected |
| Linux | Linux | 6.6.59 <= 6.6.* | unaffected |
| Linux | Linux | 6.11.6 <= 6.11.* | unaffected |
| Linux | Linux | 6.12 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/66cd51de31c682a311c2fa25c580b7ea45859dd9
- https://git.kernel.org/stable/c/e5ca2b98090b4bb1c393088c724af6c37812a829
- https://git.kernel.org/stable/c/3543152f2d330141d9394d28855cb90b860091d2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.