CVE-2024-47710: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-47710 is a vulnerability in the Linux kernel's sock_map functionality, discovered and reported by syzbot. The issue was identified in the sock_hash_free() function where multiple soft lockup reports were observed when a map with a large number of buckets is destroyed. The vulnerability affects multiple versions of the Linux kernel from 5.4.49 through 6.11.2 (NVD).

The vulnerability stems from the sock_hash_free() function not yielding CPU control when processing large bucket maps. The issue was traced back to a previous commit (75e68e5bf2c7) titled 'bpf, sockhash: Synchronize delete from bucket list on map free'. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (MEDIUM) with vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to soft lockups in the Linux kernel when destroying sock_map structures with large numbers of buckets, potentially affecting system availability. The CVSS scoring indicates that while confidentiality and integrity are not impacted, there is a high impact on availability under specific conditions (NVD).

The vulnerability has been patched by adding a cond_resched() call in the sock_hash_free() function, allowing the CPU to yield when needed during the processing of large bucket maps. The fix has been implemented across multiple kernel versions through various stable patches (Kernel Patch).