CVE-2024-47710

sock_map: Add a cond_resched() in sock_hash_free()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

sock_map: Add a cond_resched() in sock_hash_free()

Several syzbot soft lockup reports all have in common sock_hash_free()

If a map with a large number of buckets is destroyed, we need to yield
the cpu when needed.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-09-30 CVE Reserved
2024-10-21 CVE Published
2024-10-21 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/75e68e5bf2c7fa9d3e874099139df03d5952a3e1	Vuln. Introduced
https://git.kernel.org/stable/c/5bed77b0a2a0e6b6bc0ae8e851cafb38ef0374df	Vuln. Introduced
https://git.kernel.org/stable/c/6fc372656a1ebed8c1ebe0011881058c02eeddc0	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/1a11a1a53255ddab8a903cdae01b9d3eb2c1a47b	2024-10-17
https://git.kernel.org/stable/c/984648aac87a6a1c8fd61663bec3f7b61eafad5e	2024-10-17
https://git.kernel.org/stable/c/04f62c012e0e4683e572b30baf6004ca0a3f6772	2024-10-17
https://git.kernel.org/stable/c/80bd490ac0a3b662a489e17d8eedeb1e905a3d40	2024-10-04
https://git.kernel.org/stable/c/ae8c1b3e7353ad240b829eabac7ba2584b2c6bdc	2024-10-04
https://git.kernel.org/stable/c/cd10abf41bae55c9d2b93f34a516dbf52626bcb7	2024-10-04
https://git.kernel.org/stable/c/b1339be951ad31947ae19bc25cb08769bf255100	2024-09-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.10.227 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.10.227"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.15.168 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.15.168"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 6.1.113 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 6.1.113"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 6.6.54 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 6.6.54"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 6.10.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 6.10.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 6.11.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 6.11.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 6.12-rc1 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 6.12-rc1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.4.49 Search vendor "Linux" for product "Linux Kernel" and version "5.4.49"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				5.7.6 Search vendor "Linux" for product "Linux Kernel" and version "5.7.6"		en		Affected