Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-53164

Опубликовано: 27 дек. 2024
Источник: redhat
CVSS3: 4.1

Описание

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen before a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.

Отчет

The bug is in Common Applications Kept Enhanced (CAKE) queue management algorithm. The support of this algorithm enabled starting from Red Hat Enterprise Linux 9.2. It is disabled by default (can be enabled by tc qdisc cake command). The security impact of this issue is limited.

Меры по смягчению последствий

To mitigate this issue, prevent module sch_cake from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelOut of support scope
Red Hat Enterprise Linux 8kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 9kernelFixedRHSA-2025:696613.05.2025
Red Hat Enterprise Linux 9kernelFixedRHSA-2025:696613.05.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-459
https://bugzilla.redhat.com/show_bug.cgi?id=2334350kernel: net: sched: fix ordering of qlen adjustment

4.1 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-53164

ubuntu
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.

nvd логотип

CVE-2024-53164

nvd
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.

debian логотип

CVE-2024-53164

debian
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: n ...

github логотип

GHSA-4vvx-v299-79g8

github
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen around qdisc_tree_reduce_backlog() need to happen _before_ a call to said function because otherwise it may fail to notify parent qdiscs when the child is about to become empty.

fstec логотип

BDU:2025-04146

CVSS3: 4.7
fstec
8 месяцев назад

Уязвимость компонентов net/sched ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

4.1 Medium

CVSS3