CVE-2024-56770

Summary

CVE-2024-56770 is a vulnerability in the Linux kernel's netem qdisc, specifically regarding the handling of backlog updates from child qdiscs. The netem qdisc fails to account for changes made by a child qdisc, leading to an inaccurate 'qlen' value. This can cause the netem qdisc to stop accepting packets even when the tfifo is not full, resulting in interface lock-ups and potential network disruptions. The vulnerability can be reproduced by sending bulk TCP traffic through an interface with netem and a child qdisc configured. The patch for this issue adds a counter for the entries in the tfifo, allowing netem to account for external updates to 'qlen' and maintain accurate backlog statistics.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.