CVE-2024-45016

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-45016
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45016.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-45016
Downstream
Related
Published
2024-09-11T15:13:52.053Z
Modified
2026-05-18T05:57:54.894767711Z
Summary
netem: fix return value if duplicate enqueue fails
Details

In the Linux kernel, the following vulnerability has been resolved:

netem: fix return value if duplicate enqueue fails

There is a bug in netemenqueue() introduced by commit 5845f706388a ("net: netem: fix skb length BUGON in __skbtosgvec") that can lead to a use-after-free.

This commit made netemenqueue() always return NETXMITSUCCESS when a packet is duplicated, which can cause the parent qdisc's q.qlen to be mistakenly incremented. When this happens qlennotify() may be skipped on the parent during destruction, leaving a dangling pointer for some classful qdiscs like DRR.

There are two ways for the bug happen:

  • If the duplicated packet is dropped by rootq->enqueue() and then the original packet is also dropped.
  • If rootq->enqueue() sends the duplicated packet to a different qdisc and the original packet is dropped.

In both cases NETXMITSUCCESS is returned even though no packets are enqueued at the netem qdisc.

The fix is to defer the enqueue of the duplicate packet until after the original packet has been guaranteed to return NETXMITSUCCESS.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/45xxx/CVE-2024-45016.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5845f706388a4cde0f6b80f9e5d33527e942b7d9
Fixed
759e3e8c4a6a6b4e52ebc4547123a457f0ce90d4
Fixed
c414000da1c2ea1ba9a5e5bb1a4ba774e51e202d
Fixed
52d99a69f3d556c6426048c9d481b912205919d8
Fixed
0486d31dd8198e22b63a4730244b38fffce6d469
Fixed
577d6c0619467fe90f7e8e57e45cb5bd9d936014
Fixed
e5bb2988a310667abed66c7d3ffa28880cf0f883
Fixed
c07ff8592d57ed258afee5a5e04991a48dbaf382
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a550a01b8af856f2684b0f79d552f5119eb5006c
Last affected
009510a90e230bb495f3fe25c7db956679263b07
Last affected
4de7d30668cb8b06330992e1cd336f91700a2ce7
Last affected
d1dd2e15c85e890a1cc9bde5ba07ae63331e5c73
Last affected
0148fe458b5705e2fea7cb88294fed7e36066ca2

Affected versions

v2.*
v2.6.12-rc2
v2.6.12-rc3
v2.6.12-rc4
v2.6.13
v2.6.13-rc1
v2.6.13-rc2
v2.6.13-rc3
v2.6.13-rc4
v2.6.13-rc5
v2.6.13-rc6
v2.6.13-rc7
v2.6.14-rc1
v2.6.14-rc2
v2.6.14-rc3
v2.6.15-rc1
v2.6.15-rc2
v2.6.15-rc4
v2.6.15-rc5
v2.6.15-rc7
v2.6.16
v2.6.16-rc1
v2.6.16-rc2
v2.6.16-rc3
v2.6.16-rc4
v2.6.16-rc5
v2.6.16-rc6
v2.6.17
v2.6.17-rc1
v2.6.17-rc2
v2.6.17-rc3
v2.6.17-rc4
v2.6.17-rc5
v2.6.17-rc6
v2.6.18
v2.6.18-rc1
v2.6.18-rc2
v2.6.18-rc3
v2.6.18-rc5
v2.6.18-rc6
v2.6.19-rc1
v2.6.19-rc2
v2.6.20-rc1
v2.6.20-rc2
v2.6.20-rc3
v2.6.20-rc4
v2.6.20-rc5
v2.6.20-rc6
v2.6.20-rc7
v2.6.21
v2.6.21-rc1
v2.6.21-rc2
v2.6.21-rc3
v2.6.21-rc4
v2.6.21-rc5
v2.6.21-rc6
v2.6.21-rc7
v2.6.22
v2.6.22-rc1
v2.6.22-rc2
v2.6.22-rc3
v2.6.22-rc4
v2.6.22-rc5
v2.6.22-rc6
v2.6.22-rc7
v2.6.23
v2.6.23-rc1
v2.6.23-rc2
v2.6.23-rc3
v2.6.23-rc4
v2.6.23-rc5
v2.6.23-rc6
v2.6.23-rc7
v2.6.23-rc8
v2.6.23-rc9
v2.6.24
v2.6.24-rc1
v2.6.24-rc2
v2.6.24-rc3
v2.6.24-rc4
v2.6.24-rc5
v2.6.24-rc6
v2.6.24-rc7
v2.6.24-rc8
v2.6.25
v2.6.25-rc1
v2.6.25-rc2
v2.6.25-rc3
v2.6.25-rc4
v2.6.25-rc5
v2.6.25-rc6
v2.6.25-rc7
v2.6.25-rc8
v2.6.25-rc9
v2.6.26
v2.6.26-rc1
v2.6.26-rc2
v2.6.26-rc3
v2.6.26-rc4
v2.6.26-rc5
v2.6.26-rc6
v2.6.26-rc7
v2.6.26-rc8
v2.6.26-rc9
v2.6.27
v2.6.27-rc1
v2.6.27-rc2
v2.6.27-rc3
v2.6.27-rc4
v2.6.27-rc5
v2.6.27-rc6
v2.6.27-rc7
v2.6.27-rc8
v2.6.27-rc9
v2.6.28
v2.6.28-rc1
v2.6.28-rc2
v2.6.28-rc3
v2.6.28-rc4
v2.6.28-rc5
v2.6.28-rc6
v2.6.28-rc7
v2.6.28-rc8
v2.6.28-rc9
v2.6.29
v2.6.29-rc1
v2.6.29-rc2
v2.6.29-rc3
v2.6.29-rc4
v2.6.29-rc5
v2.6.29-rc6
v2.6.29-rc7
v2.6.29-rc8
v2.6.30
v2.6.30-rc1
v2.6.30-rc2
v2.6.30-rc3
v2.6.30-rc4
v2.6.30-rc5
v2.6.30-rc6
v2.6.30-rc7
v2.6.30-rc8
v2.6.31
v2.6.31-rc1
v2.6.31-rc2
v2.6.31-rc3
v2.6.31-rc4
v2.6.31-rc5
v2.6.31-rc6
v2.6.31-rc7
v2.6.31-rc8
v2.6.31-rc9
v2.6.32
v2.6.32-rc1
v2.6.32-rc2
v2.6.32-rc3
v2.6.32-rc4
v2.6.32-rc5
v2.6.32-rc6
v2.6.32-rc7
v2.6.32-rc8
v2.6.33
v2.6.33-rc1
v2.6.33-rc2
v2.6.33-rc3
v2.6.33-rc4
v2.6.33-rc5
v2.6.33-rc6
v2.6.33-rc7
v2.6.33-rc8
v2.6.34
v2.6.34-rc1
v2.6.34-rc2
v2.6.34-rc3
v2.6.34-rc4
v2.6.34-rc5
v2.6.34-rc6
v2.6.34-rc7
v2.6.35
v2.6.35-rc1
v2.6.35-rc2
v2.6.35-rc3
v2.6.35-rc4
v2.6.35-rc5
v2.6.35-rc6
v2.6.36
v2.6.36-rc1
v2.6.36-rc2
v2.6.36-rc3
v2.6.36-rc4
v2.6.36-rc5
v2.6.36-rc6
v2.6.36-rc7
v2.6.36-rc8
v2.6.37
v2.6.37-rc1
v2.6.37-rc2
v2.6.37-rc3
v2.6.37-rc4
v2.6.37-rc5
v2.6.37-rc6
v2.6.37-rc7
v2.6.37-rc8
v2.6.38
v2.6.38-rc1
v2.6.38-rc2
v2.6.38-rc3
v2.6.38-rc4
v2.6.38-rc5
v2.6.38-rc6
v2.6.38-rc7
v2.6.38-rc8
v2.6.39
v2.6.39-rc1
v2.6.39-rc2
v2.6.39-rc3
v2.6.39-rc4
v2.6.39-rc5
v2.6.39-rc6
v2.6.39-rc7
v3.*
v3.0
v3.0-rc1
v3.0-rc2
v3.0-rc3
v3.0-rc4
v3.0-rc5
v3.0-rc6
v3.0-rc7
v3.1
v3.1-rc1
v3.1-rc10
v3.1-rc2
v3.1-rc3
v3.1-rc4
v3.1-rc5
v3.1-rc6
v3.1-rc7
v3.1-rc8
v3.1-rc9
v3.10
v3.10-rc1
v3.10-rc2
v3.10-rc3
v3.10-rc4
v3.10-rc5
v3.10-rc6
v3.10-rc7
v3.11
v3.11-rc1
v3.11-rc2
v3.11-rc3
v3.11-rc4
v3.11-rc5
v3.11-rc6
v3.11-rc7
v3.12
v3.12-rc1
v3.12-rc2
v3.12-rc3
v3.12-rc4
v3.12-rc5
v3.12-rc6
v3.12-rc7
v3.13
v3.13-rc1
v3.13-rc2
v3.13-rc3
v3.13-rc4
v3.13-rc5
v3.13-rc6
v3.13-rc7
v3.13-rc8
v3.14
v3.14-rc1
v3.14-rc2
v3.14-rc3
v3.14-rc4
v3.14-rc5
v3.14-rc6
v3.14-rc7
v3.14-rc8
v3.15
v3.15-rc1
v3.15-rc2
v3.15-rc3
v3.15-rc4
v3.15-rc5
v3.15-rc6
v3.15-rc7
v3.15-rc8
v3.16
v3.16-rc1
v3.16-rc2
v3.16-rc3
v3.16-rc4
v3.16-rc5
v3.16-rc6
v3.16-rc7
v3.16.1
v3.16.2
v3.16.3
v3.16.35
v3.16.36
v3.16.37
v3.16.38
v3.16.39
v3.16.4
v3.16.40
v3.16.41
v3.16.42
v3.16.43
v3.16.44
v3.16.45
v3.16.46
v3.16.47
v3.16.48
v3.16.49
v3.16.5
v3.16.50
v3.16.51
v3.16.52
v3.16.53
v3.16.54
v3.16.55
v3.16.56
v3.16.57
v3.16.58
v3.16.59
v3.16.6
v3.16.60
v3.16.61
v3.16.62
v3.16.63
v3.16.64
v3.16.65
v3.16.7
v3.17
v3.17-rc1
v3.17-rc2
v3.17-rc3
v3.17-rc4
v3.17-rc5
v3.17-rc6
v3.17-rc7
v3.18
v3.18-rc1
v3.18-rc2
v3.18-rc3
v3.18-rc4
v3.18-rc5
v3.18-rc6
v3.18-rc7
v3.19
v3.19-rc1
v3.19-rc2
v3.19-rc3
v3.19-rc4
v3.19-rc5
v3.19-rc6
v3.19-rc7
v3.2
v3.2-rc1
v3.2-rc2
v3.2-rc3
v3.2-rc4
v3.2-rc5
v3.2-rc6
v3.2-rc7
v3.3
v3.3-rc1
v3.3-rc2
v3.3-rc3
v3.3-rc4
v3.3-rc5
v3.3-rc6
v3.3-rc7
v3.4
v3.4-rc1
v3.4-rc2
v3.4-rc3
v3.4-rc4
v3.4-rc5
v3.4-rc6
v3.4-rc7
v3.5
v3.5-rc1
v3.5-rc2
v3.5-rc3
v3.5-rc4
v3.5-rc5
v3.5-rc6
v3.5-rc7
v3.6
v3.6-rc1
v3.6-rc2
v3.6-rc3
v3.6-rc4
v3.6-rc5
v3.6-rc6
v3.6-rc7
v3.7
v3.7-rc1
v3.7-rc2
v3.7-rc3
v3.7-rc4
v3.7-rc5
v3.7-rc6
v3.7-rc7
v3.7-rc8
v3.8
v3.8-rc1
v3.8-rc2
v3.8-rc3
v3.8-rc4
v3.8-rc5
v3.8-rc6
v3.8-rc7
v3.9
v3.9-rc1
v3.9-rc2
v3.9-rc3
v3.9-rc4
v3.9-rc5
v3.9-rc6
v3.9-rc7
v3.9-rc8
v4.*
v4.0
v4.0-rc1
v4.0-rc2
v4.0-rc3
v4.0-rc4
v4.0-rc5
v4.0-rc6
v4.0-rc7
v4.1
v4.1-rc1
v4.1-rc2
v4.1-rc3
v4.1-rc4
v4.1-rc5
v4.1-rc6
v4.1-rc7
v4.1-rc8
v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.14.1
v4.14.10
v4.14.100
v4.14.101
v4.14.102
v4.14.103
v4.14.104
v4.14.105
v4.14.11
v4.14.12
v4.14.13
v4.14.14
v4.14.15
v4.14.16
v4.14.17
v4.14.18
v4.14.19
v4.14.2
v4.14.20
v4.14.21
v4.14.22
v4.14.23
v4.14.24
v4.14.25
v4.14.26
v4.14.27
v4.14.28
v4.14.29
v4.14.3
v4.14.30
v4.14.31
v4.14.32
v4.14.33
v4.14.34
v4.14.35
v4.14.36
v4.14.37
v4.14.38
v4.14.39
v4.14.4
v4.14.40
v4.14.41
v4.14.42
v4.14.43
v4.14.44
v4.14.45
v4.14.46
v4.14.47
v4.14.48
v4.14.49
v4.14.5
v4.14.50
v4.14.51
v4.14.52
v4.14.53
v4.14.54
v4.14.55
v4.14.56
v4.14.57
v4.14.58
v4.14.59
v4.14.6
v4.14.60
v4.14.61
v4.14.62
v4.14.63
v4.14.64
v4.14.65
v4.14.66
v4.14.67
v4.14.68
v4.14.69
v4.14.7
v4.14.70
v4.14.71
v4.14.72
v4.14.73
v4.14.74
v4.14.75
v4.14.76
v4.14.77
v4.14.78
v4.14.79
v4.14.8
v4.14.80
v4.14.81
v4.14.82
v4.14.83
v4.14.84
v4.14.85
v4.14.86
v4.14.87
v4.14.88
v4.14.89
v4.14.9
v4.14.90
v4.14.91
v4.14.92
v4.14.93
v4.14.94
v4.14.95
v4.14.96
v4.14.97
v4.14.98
v4.14.99
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.19.1
v4.19.10
v4.19.11
v4.19.12
v4.19.13
v4.19.14
v4.19.15
v4.19.16
v4.19.17
v4.19.18
v4.19.19
v4.19.2
v4.19.20
v4.19.21
v4.19.22
v4.19.23
v4.19.24
v4.19.25
v4.19.26
v4.19.27
v4.19.3
v4.19.4
v4.19.5
v4.19.6
v4.19.7
v4.19.8
v4.19.9
v4.2
v4.2-rc1
v4.2-rc2
v4.2-rc3
v4.2-rc4
v4.2-rc5
v4.2-rc6
v4.2-rc7
v4.2-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.20.1
v4.20.10
v4.20.11
v4.20.12
v4.20.13
v4.20.14
v4.20.2
v4.20.3
v4.20.4
v4.20.5
v4.20.6
v4.20.7
v4.20.8
v4.20.9
v4.3
v4.3-rc1
v4.3-rc2
v4.3-rc3
v4.3-rc4
v4.3-rc5
v4.3-rc6
v4.3-rc7
v4.4
v4.4-rc1
v4.4-rc2
v4.4-rc3
v4.4-rc4
v4.4-rc5
v4.4-rc6
v4.4-rc7
v4.4-rc8
v4.5
v4.5-rc1
v4.5-rc2
v4.5-rc3
v4.5-rc4
v4.5-rc5
v4.5-rc6
v4.5-rc7
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8
v4.9.1
v4.9.10
v4.9.100
v4.9.101
v4.9.102
v4.9.103
v4.9.104
v4.9.105
v4.9.106
v4.9.107
v4.9.108
v4.9.109
v4.9.11
v4.9.110
v4.9.111
v4.9.112
v4.9.113
v4.9.114
v4.9.115
v4.9.116
v4.9.117
v4.9.118
v4.9.119
v4.9.12
v4.9.120
v4.9.121
v4.9.122
v4.9.123
v4.9.124
v4.9.125
v4.9.126
v4.9.127
v4.9.128
v4.9.129
v4.9.13
v4.9.130
v4.9.131
v4.9.132
v4.9.133
v4.9.134
v4.9.135
v4.9.136
v4.9.137
v4.9.138
v4.9.139
v4.9.14
v4.9.140
v4.9.141
v4.9.142
v4.9.143
v4.9.144
v4.9.145
v4.9.146
v4.9.147
v4.9.148
v4.9.149
v4.9.15
v4.9.150
v4.9.151
v4.9.152
v4.9.153
v4.9.154
v4.9.155
v4.9.156
v4.9.157
v4.9.158
v4.9.159
v4.9.16
v4.9.160
v4.9.161
v4.9.162
v4.9.17
v4.9.18
v4.9.19
v4.9.2
v4.9.20
v4.9.21
v4.9.22
v4.9.23
v4.9.24
v4.9.25
v4.9.26
v4.9.27
v4.9.28
v4.9.29
v4.9.3
v4.9.30
v4.9.31
v4.9.32
v4.9.33
v4.9.34
v4.9.35
v4.9.36
v4.9.37
v4.9.38
v4.9.39
v4.9.4
v4.9.40
v4.9.41
v4.9.42
v4.9.43
v4.9.44
v4.9.45
v4.9.46
v4.9.47
v4.9.48
v4.9.49
v4.9.5
v4.9.50
v4.9.51
v4.9.52
v4.9.53
v4.9.54
v4.9.55
v4.9.56
v4.9.57
v4.9.58
v4.9.59
v4.9.6
v4.9.60
v4.9.61
v4.9.62
v4.9.63
v4.9.64
v4.9.65
v4.9.66
v4.9.67
v4.9.68
v4.9.69
v4.9.7
v4.9.70
v4.9.71
v4.9.72
v4.9.73
v4.9.74
v4.9.75
v4.9.76
v4.9.77
v4.9.78
v4.9.79
v4.9.8
v4.9.80
v4.9.81
v4.9.82
v4.9.83
v4.9.84
v4.9.85
v4.9.86
v4.9.87
v4.9.88
v4.9.89
v4.9.9
v4.9.90
v4.9.91
v4.9.92
v4.9.93
v4.9.94
v4.9.95
v4.9.96
v4.9.97
v4.9.98
v4.9.99

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45016.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.0.0
Fixed
5.4.283
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.225
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.166
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.107
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.48
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.7

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-45016.json"