CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-50169: vsock: Update rx_bytes on read_skb()

Description

In the Linux kernel, the following vulnerability has been resolved:

vsock: Update rx_bytes on read_skb()

Make sure virtio_transport_inc_rx_pkt() and virtio_transport_dec_rx_pkt()
calls are balanced (i.e. virtio_vsock_sock::rx_bytes doesn't lie) after
vsock_transport::read_skb().

While here, also inform the peer that we've freed up space and it has more
credit.

Failing to update rx_bytes after packet is dequeued leads to a warning on
SOCK_STREAM recv():

[ 233.396654] rx_queue is empty, but rx_bytes is non-zero
[ 233.396702] WARNING: CPU: 11 PID: 40601 at net/vmw_vsock/virtio_transport_common.c:589

Classification

CVE ID: CVE-2024-50169

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 4.32% (scored less or equal to compared to others)

EPSS Date: 2025-06-02 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-50169
https://git.kernel.org/stable/c/66cd51de31c682a311c2fa25c580b7ea45859dd9
https://git.kernel.org/stable/c/e5ca2b98090b4bb1c393088c724af6c37812a829
https://git.kernel.org/stable/c/3543152f2d330141d9394d28855cb90b860091d2

Timeline

2025-03-06 09:45:37 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-50169
2025-05-04 10:40:22 UTC
CVE

vsock: Update rx_bytes on read_skb()