{
  "threat_severity" : "Moderate",
  "public_date" : "2024-12-02T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: vsock: Fix sk_error_queue memory leak",
    "id" : "2329919",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2329919"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.1",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-401",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nvsock: Fix sk_error_queue memory leak\nKernel queues MSG_ZEROCOPY completion notifications on the error queue.\nWhere they remain, until explicitly recv()ed. To prevent memory leaks,\nclean up the queue when the socket is destroyed.\nunreferenced object 0xffff8881028beb00 (size 224):\ncomm \"vsock_test\", pid 1218, jiffies 4294694897\nhex dump (first 32 bytes):\n90 b0 21 17 81 88 ff ff 90 b0 21 17 81 88 ff ff  ..!.......!.....\n00 00 00 00 00 00 00 00 00 b0 21 17 81 88 ff ff  ..........!.....\nbacktrace (crc 6c7031ca):\n[<ffffffff81418ef7>] kmem_cache_alloc_node_noprof+0x2f7/0x370\n[<ffffffff81d35882>] __alloc_skb+0x132/0x180\n[<ffffffff81d2d32b>] sock_omalloc+0x4b/0x80\n[<ffffffff81d3a8ae>] msg_zerocopy_realloc+0x9e/0x240\n[<ffffffff81fe5cb2>] virtio_transport_send_pkt_info+0x412/0x4c0\n[<ffffffff81fe6183>] virtio_transport_stream_enqueue+0x43/0x50\n[<ffffffff81fe0813>] vsock_connectible_sendmsg+0x373/0x450\n[<ffffffff81d233d5>] ____sys_sendmsg+0x365/0x3a0\n[<ffffffff81d246f4>] ___sys_sendmsg+0x84/0xd0\n[<ffffffff81d26f47>] __sys_sendmsg+0x47/0x80\n[<ffffffff820d3df3>] do_syscall_64+0x93/0x180\n[<ffffffff8220012b>] entry_SYSCALL_64_after_hwframe+0x76/0x7e" ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-05-13T00:00:00Z",
    "advisory" : "RHSA-2025:6966",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-570.12.1.el9_6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-53118\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-53118\nhttps://lore.kernel.org/linux-cve-announce/2024120251-CVE-2024-53118-c6d7@gregkh/T" ],
  "name" : "CVE-2024-53118",
  "csaw" : false
}