CVE-2024-56694
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
bpf: fix recursive lock when verdict program return SK_PASS
When the stream_verdict program returns SK_PASS, it places the received skb into its own receive queue, but a recursive lock eventually occurs, leading to an operating system deadlock. This issue has been present since v6.9.
''' sk_psock_strp_data_ready write_lock_bh(&sk->sk_callback_lock) strp_data_ready strp_read_sock read_sock -> tcp_read_sock strp_recv cb.rcv_msg -> sk_psock_strp_read # now stream_verdict return SK_PASS without peer sock assign __SK_PASS = sk_psock_map_verd(SK_PASS, NULL) sk_psock_verdict_apply sk_psock_skb_ingress_self sk_psock_skb_ingress_enqueue sk_psock_data_ready read_lock_bh(&sk->sk_callback_lock) <= dead lock
'''
This topic has been discussed before, but it has not been fixed. Previous discussion: https://lore.kernel.org/all/6684a5864ec86_403d20898@john.notmuch
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | c0809c128dad4c3413818384eb06a341633db973 < 221109ba2127eabd0aa64718543638b58b15df56 | affected |
| Linux | Linux | 5965bc7535fb87510b724e5465ccc1a1cf00916d < 6694f7acd625ed854bf6342926e771d65dad7f69 | affected |
| Linux | Linux | 39dc9e1442385d6e9be0b6491ee488dddd55ae27 < 386efa339e08563dd33e83bc951aea5d407fe578 | affected |
| Linux | Linux | b397a0ab8582c533ec0c6b732392f141fc364f87 < da2bc8a0c8f3ac66fdf980fc59936f851a083561 | affected |
| Linux | Linux | 6648e613226e18897231ab5e42ffc29e63fa3365 < 01f1b88acfd79103da0610b45471f6c88ea98d72 | affected |
| Linux | Linux | 6648e613226e18897231ab5e42ffc29e63fa3365 < f84c5ef6ca23cc2f72f3b830d74f67944684bb05 | affected |
| Linux | Linux | 6648e613226e18897231ab5e42ffc29e63fa3365 < 8ca2a1eeadf09862190b2810697702d803ceef2d | affected |
| Linux | Linux | 772d5729b5ff0df0d37b32db600ce635b2172f80 | affected |
| Linux | Linux | 5.10.223 < 5.10.233 | affected |
| Linux | Linux | 5.15.159 < 5.15.174 | affected |
| Linux | Linux | 6.1.91 < 6.1.120 | affected |
| Linux | Linux | 6.6.31 < 6.6.64 | affected |
| Linux | Linux | 6.8.10 < 6.9 | affected |
| Linux | Linux | 6.9 | affected |
| Linux | Linux | 0 < 6.9 | unaffected |
| Linux | Linux | 5.10.233 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.174 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.120 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.64 <= 6.6.* | unaffected |
| Linux | Linux | 6.11.11 <= 6.11.* | unaffected |
| Linux | Linux | 6.12.2 <= 6.12.* | unaffected |
| Linux | Linux | 6.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
References
- https://git.kernel.org/stable/c/221109ba2127eabd0aa64718543638b58b15df56
- https://git.kernel.org/stable/c/6694f7acd625ed854bf6342926e771d65dad7f69
- https://git.kernel.org/stable/c/386efa339e08563dd33e83bc951aea5d407fe578
- https://git.kernel.org/stable/c/da2bc8a0c8f3ac66fdf980fc59936f851a083561
- https://git.kernel.org/stable/c/01f1b88acfd79103da0610b45471f6c88ea98d72
- https://git.kernel.org/stable/c/f84c5ef6ca23cc2f72f3b830d74f67944684bb05
- https://git.kernel.org/stable/c/8ca2a1eeadf09862190b2810697702d803ceef2d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.