CVE & CISA-KEV Catalog

CVE-2024-50155

HIGH
7.8
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: netdevsim: use cond_resched() in nsim_dev_trap_report_work() I am still seeing many syzbot reports hinting that syzbot might fool nsim_dev_trap_report_work() with hundreds of ports [1] Lets use cond_resched(), and system_unbound_wq instead of implicit system_wq. [1] INFO: task syz-executor:20633 blocked for more than 143 seconds. Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor state:D stack:25856 pid:20633 tgid:20633 ppid:1 flags:0x00004006 ... NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 16760 Comm: kworker/1:0 Not tainted 6.12.0-rc2-syzkaller-00205-g1d227fcc7222 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: events nsim_dev_trap_report_work RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:210 Code: 89 fb e8 23 00 00 00 48 8b 3d 04 fb 9c 0c 48 89 de 5b e9 c3 c7 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 60 f0 RSP: 0018:ffffc90000a187e8 EFLAGS: 00000246 RAX: 0000000000000100 RBX: ffffc90000a188e0 RCX: ffff888027d3bc00 RDX: ffff888027d3bc00 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff88804a2e6000 R08: ffffffff8a4bc495 R09: ffffffff89da3577 R10: 0000000000000004 R11: ffffffff8a4bc2b0 R12: dffffc0000000000 R13: ffff88806573b503 R14: dffffc0000000000 R15: ffff8880663cca00 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc90a747f98 CR3: 000000000e734000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 000000000000002b DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Call Trace: <NMI> </NMI> <TASK> __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382 spin_unlock_bh include/linux/spinlock.h:396 [inline] nsim_dev_trap_report drivers/net/netdevsim/dev.c:820 [inline] nsim_dev_trap_report_work+0x75d/0xaa0 drivers/net/netdevsim/dev.c:850 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310 worker_thread+0x870/0xd30 kernel/workqueue.c:3391 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK>

How to fix

Remediation Available
linuxDebian
Fixed in:6.1.115-1CVE-2024-50155
Fixed in:6.11.6-1CVE-2024-50155
Fixed in:6.11.6-1CVE-2024-50155
linuxUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-awsUbuntu
Fixed in:6.8.0-1027.29USN-7449-1
linux-aws-6.8Ubuntu
Fixed in:6.8.0-1027.29~22.04.1USN-7451-1
linux-azureUbuntu
Fixed in:6.8.0-1027.32USN-7449-1
linux-azure-6.8Ubuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
linux-azure-nvidiaUbuntu
Fixed in:6.8.0-1014.15USN-7468-1
linux-gcpUbuntu
Fixed in:6.8.0-1028.30USN-7450-1
linux-gcp-6.8Ubuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
linux-gkeUbuntu
Fixed in:6.8.0-1023.27USN-7450-1
linux-gkeopUbuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-hwe-6.8Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-ibmUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-6.11.0-1015-oemUbuntu
Fixed in:6.11.0-1015.15USN-7310-1
linux-image-6.8.0-1010-gkeopUbuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-image-6.8.0-1014-azure-nvidiaUbuntu
Fixed in:6.8.0-1014.15USN-7468-1
linux-image-6.8.0-1023-gkeUbuntu
Fixed in:6.8.0-1023.27USN-7450-1
linux-image-6.8.0-1024-ibmUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-6.8.0-1024-oracleUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-6.8.0-1024-oracle-64kUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-6.8.0-1026-nvidiaUbuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-6.8.0-1026-nvidia-64kUbuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-6.8.0-1026-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-6.8.0-1026-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-6.8.0-1026-oemUbuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-image-6.8.0-1027-awsUbuntu
Fixed in:6.8.0-1027.29~22.04.1USN-7451-1
Fixed in:6.8.0-1027.29USN-7449-1
linux-image-6.8.0-1027-azureUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-6.8.0-1027-azure-fdeUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-6.8.0-1028-gcpUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-6.8.0-1028-gcp-64kUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-6.8.0-1028-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-image-6.8.0-2023-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-image-6.8.0-58-genericUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
Fixed in:6.8.0-58.60+1USN-7449-1
linux-image-6.8.0-58-generic-64kUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
Fixed in:6.8.0-58.60+1USN-7449-1
linux-image-6.8.0-58-lowlatencyUbuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-6.8.0-58-lowlatency-64kUbuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-6.8.1-1020-realtimeUbuntu
Fixed in:6.8.1-1020.21USN-7453-1
linux-image-awsUbuntu
Fixed in:6.8.0-1027.29~22.04.1USN-7451-1
Fixed in:6.8.0-1027.29USN-7449-1
linux-image-aws-lts-24.04Ubuntu
Fixed in:6.8.0-1027.29USN-7449-1
linux-image-azureUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
linux-image-azure-fdeUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
linux-image-azure-fde-lts-24.04Ubuntu
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-azure-lts-24.04Ubuntu
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-azure-nvidiaUbuntu
Fixed in:6.8.0-1014.15USN-7468-1
linux-image-gcpUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
linux-image-gcp-64kUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
linux-image-gcp-64k-lts-24.04Ubuntu
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-gcp-lts-24.04Ubuntu
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-genericUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-generic-64kUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-generic-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-generic-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-generic-lpaeUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-gkeUbuntu
Fixed in:6.8.0-1023.27USN-7450-1
linux-image-gkeopUbuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-image-gkeop-6.8Ubuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-image-ibmUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-ibm-classicUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-ibm-lts-24.04Ubuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-kvmUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-lowlatencyUbuntu
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-lowlatency-64kUbuntu
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-lowlatency-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
linux-image-lowlatency-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
linux-image-nvidiaUbuntu
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-nvidia-6.8Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-64kUbuntu
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-nvidia-64k-6.8Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-hwe-22.04Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-oem-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04aUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04bUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04cUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04dUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-24.04Ubuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-image-oem-24.04aUbuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-image-oem-24.04bUbuntu
Fixed in:6.11.0-1015.15USN-7310-1
linux-image-oracleUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-oracle-64kUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-oracle-64k-lts-24.04Ubuntu
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-oracle-lts-24.04Ubuntu
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-image-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-image-realtimeUbuntu
Fixed in:6.8.1-1020.21USN-7453-1
linux-image-realtime-hwe-24.04Ubuntu
Fixed in:6.8.1-1020.21USN-7453-1
linux-image-virtualUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-virtual-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-lowlatencyUbuntu
Fixed in:6.8.0-58.60.1USN-7449-1
linux-lowlatency-hwe-6.8Ubuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
linux-nvidiaUbuntu
Fixed in:6.8.0-1026.29USN-7449-1
linux-nvidia-6.8Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-oem-6.11Ubuntu
Fixed in:6.11.0-1015.15USN-7310-1
linux-oem-6.8Ubuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-oracleUbuntu
Fixed in:6.8.0-1024.25USN-7449-1
linux-oracle-6.8Ubuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
linux-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-realtimeUbuntu
Fixed in:6.8.1-1020.21USN-7453-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.23%probability of exploitation in 30 days
14thpercentile

Low risk: more likely to be exploited than 14% of all known CVEs.

References

Embed a live status badge for CVE-2024-50155
CVE-2024-50155 severity badge

Markdown

[![CVE-2024-50155](https://tridentstack.com/cve/badge/CVE-2024-50155.svg)](https://tridentstack.com/cve/CVE-2024-50155)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-50155"><img src="https://tridentstack.com/cve/badge/CVE-2024-50155.svg" alt="CVE-2024-50155"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-03.