CVE-2024-47710 Information

Nov 01, 2024 cve

Description

In the Linux kernel the following vulnerability has been resolved:

sock_map: Add a cond_resched() in sock_hash_free()

Several syzbot soft lockup reports all have in common sock_hash_free()

If a map with a large number of buckets is destroyed we need to yield the cpu when needed.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Reference

https://git.kernel.org/stable/c/1a11a1a53255ddab8a903cdae01b9d3eb2c1a47b https://git.kernel.org/stable/c/984648aac87a6a1c8fd61663bec3f7b61eafad5e https://git.kernel.org/stable/c/04f62c012e0e4683e572b30baf6004ca0a3f6772 https://git.kernel.org/stable/c/80bd490ac0a3b662a489e17d8eedeb1e905a3d40 https://git.kernel.org/stable/c/ae8c1b3e7353ad240b829eabac7ba2584b2c6bdc https://git.kernel.org/stable/c/cd10abf41bae55c9d2b93f34a516dbf52626bcb7 https://git.kernel.org/stable/c/b1339be951ad31947ae19bc25cb08769bf255100

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

5.5

Share on: