CVE-2024-56783

medium

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnecessary WARN_ON_ONCE which is reachable from userspace.

References

https://git.kernel.org/stable/c/e227c042580ab065edc610c9ddc9bea691e6fc4d

https://git.kernel.org/stable/c/b7529880cb961d515642ce63f9d7570869bbbdc3

https://git.kernel.org/stable/c/7064a6daa4a700a298fe3aee11dea296bfe59fc4

https://git.kernel.org/stable/c/2f9bec0a749eb646b384fde0c7b7c24687b2ffae

Details

Source: Mitre, NVD

Published: 2025-01-08

Updated: 2025-01-09

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium