CVE-2024-57901

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-57901
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-57901.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-57901
Published
2025-01-15T13:05:57.527Z
Modified
2025-11-28T02:34:56.153373Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK
Details

In the Linux kernel, the following vulnerability has been resolved:

af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK

Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot.

Rework vlan_get_protocol_dgram() to not touch skb at all, so that it can be used from many cpus on the same skb.

Add a const qualifier to skb argument.

[1]
skbuff: skb_under_panic: text:ffffffff8a8ccd05 len:29 put:14 head:ffff88807fc8e400 data:ffff88807fc8e3f4 tail:0x11 end:0x140 dev:<NULL>
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:206 !
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
CPU: 1 UID: 0 PID: 5892 Comm: syz-executor883 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:skb_panic net/core/skbuff.c:206 [inline]
RIP: 0010:skb_under_panic+0x14b/0x150 net/core/skbuff.c:216
Code: 0b 8d 48 c7 c6 86 d5 25 8e 48 8b 54 24 08 8b 0c 24 44 8b 44 24 04 4d 89 e9 50 41 54 41 57 41 56 e8 5a 69 79 f7 48 83 c4 20 90 <0f> 0b 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3
RSP: 0018:ffffc900038d7638 EFLAGS: 00010282
RAX: 0000000000000087 RBX: dffffc0000000000 RCX: 609ffd18ea660600
RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
RBP: ffff88802483c8d0 R08: ffffffff817f0a8c R09: 1ffff9200071ae60
R10: dffffc0000000000 R11: fffff5200071ae61 R12: 0000000000000140
R13: ffff88807fc8e400 R14: ffff88807fc8e3f4 R15: 0000000000000011
FS: 00007fbac5e006c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fbac5e00d58 CR3: 000000001238e000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
skb_push+0xe5/0x100 net/core/skbuff.c:2636
vlan_get_protocol_dgram+0x165/0x290 net/packet/af_packet.c:585
packet_recvmsg+0x948/0x1ef0 net/packet/af_packet.c:3552
sock_recvmsg_nosec net/socket.c:1033 [inline]
sock_recvmsg+0x22f/0x280 net/socket.c:1055
____sys_recvmsg+0x1c6/0x480 net/socket.c:2803
___sys_recvmsg net/socket.c:2845 [inline]
do_recvmmsg+0x426/0xab0 net/socket.c:2940
__sys_recvmmsg net/socket.c:3014 [inline]
__do_sys_recvmmsg net/socket.c:3037 [inline]
__se_sys_recvmmsg net/socket.c:3030 [inline]
__x64_sys_recvmmsg+0x199/0x250 net/socket.c:3030
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/57xxx/CVE-2024-57901.json"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c77064e76c768fb101ea5ff92dc771142fc9d8fd
Fixed
560cbdd26b510626f3f4f27d34c44dfd3dd3499d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
83e2dfadcb6258fe3111c8a8ec9cf34465e55e64
Fixed
0d3fa6c3c9ca7aa255696150f5b759ac4a4974e1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d0a1f9aa70f0d8a05b6320e8a3f3b83adab8dac3
Fixed
de4f8d477c67ec1d7c28f3486c3e47d147d90a01
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5839f59ff1dd4e35b9e767927931a039484839e1
Fixed
5d336714db324bef84490c75dcc48b387ef0346e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5a041d25b67042cbe06a0fb292ee22fd1147e65c
Fixed
a693b87692b4d7c50f4fc08a996678d60534a9da
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
79eecf631c14e7f4057186570ac20e2cfac3802e
Fixed
cd8488fdc7116f6da277515647b167859d4f72b1
Fixed
f91a5b8089389eb408501af2762f168c3aaa7b79
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3dfd84aa72fa7329ed4a257c8f40e0c9aff4dc8f
Last affected
66f23a7b5174b5d3e7111fd2d0d5a4f3faaa12e5

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 Unknown introduced version / All previous versions are affected
Fixed
5.4.289
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.233
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.176
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.124
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.70
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.9