CVE-2024-57996

Summary

CVE-2024-57996 is a vulnerability in the Linux kernel's net_sched component, specifically in the sch_sfq subsystem. This issue arises due to an incorrect implementation of a packet limit in the SFQ (Smoothed Fair Queuing) scheduler. When the limit is set to 1, the current implementation does not function properly, leading to a UBSAN (Uninitialized Buffer Sanitizer) crash. This issue can be reproduced by setting the SFQ limit to 1 and attempting to queue more than one packet. The crash occurs when the SFQ scheduler tries to dequeue a packet and encounters an empty slot with a null tail pointer, resulting in an underflow and an out-of-bounds access. This vulnerability has been resolved in the latest Linux kernel releases.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.