{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-56694","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-27T15:00:39.849Z","datePublished":"2024-12-28T09:46:18.826Z","dateUpdated":"2025-11-03T20:52:43.997Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-06-19T12:39:23.772Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix recursive lock when verdict program return SK_PASS\n\nWhen the stream_verdict program returns SK_PASS, it places the received skb\ninto its own receive queue, but a recursive lock eventually occurs, leading\nto an operating system deadlock. This issue has been present since v6.9.\n\n'''\nsk_psock_strp_data_ready\n write_lock_bh(&sk->sk_callback_lock)\n strp_data_ready\n strp_read_sock\n read_sock -> tcp_read_sock\n strp_recv\n cb.rcv_msg -> sk_psock_strp_read\n # now stream_verdict return SK_PASS without peer sock assign\n __SK_PASS = sk_psock_map_verd(SK_PASS, NULL)\n sk_psock_verdict_apply\n sk_psock_skb_ingress_self\n sk_psock_skb_ingress_enqueue\n sk_psock_data_ready\n read_lock_bh(&sk->sk_callback_lock) <= dead lock\n\n'''\n\nThis topic has been discussed before, but it has not been fixed.\nPrevious discussion:\nhttps://lore.kernel.org/all/6684a5864ec86_403d20898@john.notmuch"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/core/skmsg.c"],"versions":[{"version":"c0809c128dad4c3413818384eb06a341633db973","lessThan":"221109ba2127eabd0aa64718543638b58b15df56","status":"affected","versionType":"git"},{"version":"5965bc7535fb87510b724e5465ccc1a1cf00916d","lessThan":"6694f7acd625ed854bf6342926e771d65dad7f69","status":"affected","versionType":"git"},{"version":"39dc9e1442385d6e9be0b6491ee488dddd55ae27","lessThan":"386efa339e08563dd33e83bc951aea5d407fe578","status":"affected","versionType":"git"},{"version":"b397a0ab8582c533ec0c6b732392f141fc364f87","lessThan":"da2bc8a0c8f3ac66fdf980fc59936f851a083561","status":"affected","versionType":"git"},{"version":"6648e613226e18897231ab5e42ffc29e63fa3365","lessThan":"01f1b88acfd79103da0610b45471f6c88ea98d72","status":"affected","versionType":"git"},{"version":"6648e613226e18897231ab5e42ffc29e63fa3365","lessThan":"f84c5ef6ca23cc2f72f3b830d74f67944684bb05","status":"affected","versionType":"git"},{"version":"6648e613226e18897231ab5e42ffc29e63fa3365","lessThan":"8ca2a1eeadf09862190b2810697702d803ceef2d","status":"affected","versionType":"git"},{"version":"772d5729b5ff0df0d37b32db600ce635b2172f80","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/core/skmsg.c"],"versions":[{"version":"6.9","status":"affected"},{"version":"0","lessThan":"6.9","status":"unaffected","versionType":"semver"},{"version":"5.10.233","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.174","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.120","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.64","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.11.11","lessThanOrEqual":"6.11.*","status":"unaffected","versionType":"semver"},{"version":"6.12.2","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.223","versionEndExcluding":"5.10.233"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.159","versionEndExcluding":"5.15.174"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.91","versionEndExcluding":"6.1.120"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.31","versionEndExcluding":"6.6.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.11.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.10"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/221109ba2127eabd0aa64718543638b58b15df56"},{"url":"https://git.kernel.org/stable/c/6694f7acd625ed854bf6342926e771d65dad7f69"},{"url":"https://git.kernel.org/stable/c/386efa339e08563dd33e83bc951aea5d407fe578"},{"url":"https://git.kernel.org/stable/c/da2bc8a0c8f3ac66fdf980fc59936f851a083561"},{"url":"https://git.kernel.org/stable/c/01f1b88acfd79103da0610b45471f6c88ea98d72"},{"url":"https://git.kernel.org/stable/c/f84c5ef6ca23cc2f72f3b830d74f67944684bb05"},{"url":"https://git.kernel.org/stable/c/8ca2a1eeadf09862190b2810697702d803ceef2d"}],"title":"bpf: fix recursive lock when verdict program return SK_PASS","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T20:52:43.997Z"}}]}}