AZL-54629

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54629.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-54629

Upstream

CVE-2024-53091

Published

2024-11-21T19:15:12Z

Modified

2026-04-01T05:18:20.634684Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

CVE-2024-53091 affecting package kernel for versions less than 6.6.64.2-1

Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Add skisinet and ISICSK check in tlsswhasctx_tx/rx

As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have vsocksock and unixsock instead of inetconnectionsock. For these sockets, tlsgetctx may return an invalid pointer and cause page fault in function tlsswctx_rx.

BUG: unable to handle page fault for address: 0000000000040030 Workqueue: vsock-loopback vsockloopbackwork RIP: 0010:skpsockstrpdataready+0x23/0x60 Call Trace: ? __die+0x81/0xc3 ? nocontext+0x194/0x350 ? dopagefault+0x30/0x110 ? asyncpagefault+0x3e/0x50 ? skpsockstrpdataready+0x23/0x60 virtiotransportrecvpkt+0x750/0x800 ? updateloadavg+0x7e/0x620 vsockloopbackwork+0xd0/0x100 processonework+0x1a7/0x360 workerthread+0x30/0x390 ? createworker+0x1a0/0x1a0 kthread+0x112/0x130 ? __kthreadcancelwork+0x40/0x40 retfromfork+0x1f/0x40

v2: - Add IS_ICSK check v3: - Update the commits in Fixes

References

https://nvd.nist.gov/vuln/detail/CVE-2024-53091

Affected packages

Azure Linux:3 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.64.2-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-54629.json"