Description

In the Linux kernel, the following vulnerability has been resolved: vsock: Update rx_bytes on read_skb() Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt() calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after vsock_transport::read_skb(). While here, also inform the peer that we've freed up space and it has more credit. Failing to update rx_bytes after packet is dequeued leads to a warning on SOCK_STREAM recv(): [ 233.396654] rx_queue is empty, but rx_bytes is non-zero [ 233.396702] WARNING: CPU: 11 PID: 40601 at net/vmw_vsock/virtio_transport_common.c:589

INFO

Published Date :

2024-11-07T09:31:45.804Z

Last Modified :

2025-10-01T20:27:11.243Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50169 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50169.

URL Resource
https://git.kernel.org/stable/c/3543152f2d330141d9394d28855cb90b860091d2 cve-icon cve-icon
https://git.kernel.org/stable/c/66cd51de31c682a311c2fa25c580b7ea45859dd9 cve-icon cve-icon
https://git.kernel.org/stable/c/e5ca2b98090b4bb1c393088c724af6c37812a829 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024110749-CVE-2024-50169-9df5@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50169 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50169 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact