CVE-2024-44996

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-44996
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-44996.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-44996
Published
2024-09-04T19:54:41Z
Modified
2025-10-22T01:52:12.159692Z
Summary
vsock: fix recursive ->recvmsg calls
Details

In the Linux kernel, the following vulnerability has been resolved:

vsock: fix recursive ->recvmsg calls

After a vsock socket has been added to a BPF sockmap, its prot->recvmsg has been replaced with vsock_bpf_recvmsg(). Thus the following recursion could happen:

vsock_bpf_recvmsg() -> __vsock_recvmsg() -> vsock_connectible_recvmsg() -> prot->recvmsg() -> vsock_bpf_recvmsg() again

We need to fix it by calling the original ->recvmsg() without any BPF sockmap logic in __vsock_recvmsg().

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
634f1a7110b439c65fd8a809171c1d2d28bcea6f
Fixed
921f1acf0c3cf6b1260ab57a8a6e8b3d5f3023d5
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
634f1a7110b439c65fd8a809171c1d2d28bcea6f
Fixed
b4ee8cf1acc5018ed1369150d7bb3e0d0f79e135
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
634f1a7110b439c65fd8a809171c1d2d28bcea6f
Fixed
69139d2919dd4aa9a553c8245e7c63e82613e3fc

Affected versions

v6.*

v6.10
v6.10-rc1
v6.10-rc2
v6.10-rc3
v6.10-rc4
v6.10-rc5
v6.10-rc6
v6.10-rc7
v6.10.1
v6.10.2
v6.10.3
v6.10.4
v6.10.5
v6.10.6
v6.11-rc1
v6.11-rc2
v6.3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.41
v6.6.42
v6.6.43
v6.6.44
v6.6.45
v6.6.46
v6.6.47
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7

Database specific

vanir_signatures


Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.6.48
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.7