SB2025021272 - Resource management error in Linux kernel
Published: February 12, 2025 Updated: May 11, 2025
Security Bulletin ID
SB2025021272
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Resource management error (CVE-ID: CVE-2024-57951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the hrtimers_prepare_cpu() and hrtimers_cpu_dying() functions in kernel/time/hrtimer.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/14984139f1f2768883332965db566ef26db609e7
- https://git.kernel.org/stable/c/15b453db41d36184cf0ccc21e7df624014ab6a1a
- https://git.kernel.org/stable/c/2f8dea1692eef2b7ba6a256246ed82c365fdc686
- https://git.kernel.org/stable/c/38492f6ee883c7b1d33338bf531a62cff69b4b28
- https://git.kernel.org/stable/c/3d41dbf82e10c44e53ea602398ab002baec27e75
- https://git.kernel.org/stable/c/95e4f62df23f4df1ce6ef897d44b8e23c260921a
- https://git.kernel.org/stable/c/a5cbbea145b400e40540c34816d16d36e0374fbc
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.74