SB20241230273 - Resource management error in Linux kernel sched
Published: December 30, 2024 Updated: May 11, 2025
Security Bulletin ID
SB20241230273
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-53164)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the choke_drop_by_idx() function in net/sched/sch_choke.c, within the cake_drop() function in net/sched/sch_cake.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/489422e2befff88a1de52b2acebe7b333bded025
- https://git.kernel.org/stable/c/5eb7de8cd58e73851cd37ff8d0666517d9926948
- https://git.kernel.org/stable/c/97e13434b5da8e91bdf965352fad2141d13d72d3
- https://git.kernel.org/stable/c/e3e54ad9eff8bdaa70f897e5342e34b76109497f
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.7